Deployment of honeypots as proactive detection tools for monitoring cyber related incidences and their applications to information technology
Abstract
The Kenya government is striving to roll out its Vision 2030 programme where ICT plays a major role in achieving the components of the Pillars associated with it. The purpose of this study was to find out the extent to which deployment of HoneyPots as early warning detection tools for monitoring cyber related incidents had been embraced within KENET member institutions in Western Kenya, how they are aiding the institutions in knowing and understanding their adversaries; and allowing them to implement solutions that work in defending the critical internet and network infrastructures they manage. The study was guided by a descriptive study design with a study population of 117 staff members working in various institutions in western Kenya. Using simple random sampling technique, a sample size of 80 respondents were picked and administered with questionnaires, 70 questionnaires were returned for data entry and analysis using Statistical Package for social Sciences version 20. This implies that 87.5% of the respondents turned up for the study. According to the major findings, the study established that most of the KENET member institutions in western Kenyan, despite experiencing cyber security related incidents, had not setup CIRT teams nor deployed Honeypots to help them study cyber security incidents and take appropriate action to defend their constituencies. As a recommendation, the Government, being one of the economic stakeholders, and KENET, should come up with intervention measures through the Ministry of ICT making it mandatory for setup CIRTs. All CIRTs should then be required to direct part of their traffic to the national CERT which ideally should be based at Communication Authority of Kenya to form a Honey Net, which can further be linked with other internationally recognized Honey Net projects.
Â
Downloads
References
Babbie, E. (2007). The Practice of Social Research. Twelfth Edition. USA: Chapman University.
Kenya Cyber Security Report (2014). Serianu Limited. Nairobi: Serianu Ltd,.
IATAC. (2009). Measuring Cyber Security and Information Assurance. In (Information Assurance Technology Analysis Centr) IATAC, Measuring Cyber Security and Information Assurance. Fort Belvoir, Virginia: Defense Technical Information Center.
Spitzner, L. (2002). Honeypots: Tracking Hackers. Boston, Massachusetts: Addison Wesley.
Brenner S. W., L. L. (2005 ). Distributed Security: A New Model of Law Enforcement. John Marshall Journal of Computer & Information Law, Forthcoming.
CAK. (2014). KE-CIRT. Retrieved from www.cck.go.ke: https://www.cck.go.ke/
Canada, L. C. (2004). What Is a Crime? Defining Criminal Conduct. Vancouver/Toronto: UBCPress.
Carter, L. W. (2004). SANS Institute. Retrieved from http://www.sans.org: http://www.sans.org/reading-room/whitepapers/casestudies/setting-honeypot-bait-switch-router-1465
Cunningham, C. C. (2013). Honeypot-Aware Advanced Botnet Construction and Maintenance. University of Central Florida, School of Electrical Engineering and Computer Science. Orlando, FL: University of Central Florida.
Denzin, N.K., & Lincoln, Y.S. (1994). Handbook on Qualitative Research. Thousand Oaks, CA: Sage
Economic Times. (2009, August 19). Cybercrime india and brazil major hub. Retrieved from www.articles.economictimes.indiatimes.com:
ENISA. (2012). Proactive Detection of Security Incidents. Polska: ENISA.
European Cybercrime Survey. (2011). EECTF. Rome: EECTF.
Goodman Marc D. (1997). Why the Police don’t care about computer crime. Harvard journal of law and Technology, 1-30.
KENET. (2014). Our History. Retrieved from www.kenet.or.ke: https://www.kenet.or.ke/
KENET, CERT report. (2014). Welcome to the KENET CERT. Retrieved from www.kenet.or.ke: https://www.kenet.or.ke/
Kombo, D. K., & Delno, L. A. T. (2006). Proposal and Thesis Writing: An Introduction. Nairobi: Pauline’s publications Africa.
London Daily News. (2009). www.cyberlawtimes.com. Retrieved from CyberLawTimes.com: http://www.cyberlawtimes.com/cyberlaw/3-million-online-crimes-a-year-new-cyber-crime-squad-to-be-established/
Newswise. (2009). China linked to 70 percent of worlds spam says computer forensics expert. Retrieved from www.newswise.com: http://www.newswise.com/articles/china-linked-to-70-percent-of-worlds-spam-says-computer-forensics-expert
Pariyani, R. (2014). www.manupatra.co.in. Retrieved from manupatra.co.in: http://www.manupatra.co.in/newsline/articles/Upload/779E337A-DDF8-41AE-ACA4-89F3CB746F2D.pdf
Pathan, A.-S. K. (1990/91). The State of the Art in Intrusion Prevention and Detection. Natick, Massachusetts: CRC Press, Taylor & Francis Group.
Ping Wang, L. W. (2010). Honeypot detection in advanced botnet attacks. Int. J. Information and Computer Security, 30-32.
Punch, F.K. (2010). Introduction to Social Research: Quantitative and Qualitative Approaches. Second Edition. New Delhi: Sage Publications Ltd.
Sabine, L., & Everitt, B.S. (2004). A Handbook of Statistical Analysis Using SPSS. USA: Chapman & Hall /CRC Press on 30/08/2012.
Saini H., Rao Y. S., Panda T.C.(2012) International Journal of Engineering Research and Applications (IJERA) 2 (2): 202-209.
Schuttler, K. (2014). Eastern Michigan University College of Technology. Retrieved from www.emich.edu: www.emich.edu/ia/pdf/research/Honeypotresearch.pdf
Spitzner, L. (2002, December 10). Windowsecurity. Retrieved from www.windowsecurity.com/whitepapers/honeypots/Honeypots_Definitions_and_Value_of_Honeypots.htm
Copyright (c) 2015 Bulletin of Advanced Scientific Research
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms: a) Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal. b) Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal. c) Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).