A4 Article in conference proceedings
Refining Cyber Situation Awareness with Honeypots in Case of a Ransomware Attack (2024)
Ihanus, J., Kokkonen, T., & Hämäläinen, T. (2024). Refining Cyber Situation Awareness with Honeypots in Case of a Ransomware Attack. In Á. Rocha, H. Adeli, G. Dzemyda, F. Moreira, & A. Poniszewska-Marańda (Eds.), WorldCIST 2024 : Good Practices and New Perspectives in Information Systems and Technologies (985, pp. 92-101). Springer. Lecture Notes in Networks and Systems. https://doi.org/10.1007/978-3-031-60215-3_10
JYU authors or editors
Publication details
All authors or editors: Ihanus, Jouni; Kokkonen, Tero; Hämäläinen, Timo
Parent publication: WorldCIST 2024 : Good Practices and New Perspectives in Information Systems and Technologies
Parent publication editors: Rocha, Álvaro; Adeli, Hojjat; Dzemyda, Gintautas; Moreira, Fernando; Poniszewska-Marańda, Aneta
Place and date of conference: Lodz, Poland, 26.-28.3.2024
ISBN: 978-3-031-60214-6
eISBN: 978-3-031-60215-3
Journal or series: Lecture Notes in Networks and Systems
ISSN: 2367-3370
eISSN: 2367-3389
Publication year: 2024
Volume: 985
Pages range: 92-101
Number of pages in the book: 228
Publisher: Springer
Place of Publication: Cham
Publication country: Switzerland
Publication language: English
DOI: https://doi.org/10.1007/978-3-031-60215-3_10
Publication open access: Not open
Publication channel open access:
Abstract
The cyber threat landscape is vast and unstable. One of the top threats in the present moment is ransomware, which is constantly spreading in prevalence. To protect organisations’ cyber operating environment, ability to perceive elements relating to this threat is crucial. At the same time, many security controls face challenges in terms of fidelity of the security events. In this paper, honeypot technology is studied to support situation awareness in case of a ransomware attack. Especially detection capabilities of the honeypots are considered from the perspective of technical characteristic of ransomware. As a conclusion, we propose a construction model for enhancing cyber situation awareness using honeypots during various stages of a ransomware attack. Additionally, the analysed results are explained with identified future research topics.
Keywords: cyber security; safety and security; extortion
Contributing organizations
Ministry reporting: Yes
Preliminary JUFO rating: 1