Honeypot-as-a-Service dengan Kubernetes Cluster

Authors

  • Rahmat Purwoko Politeknik Siber dan Sandi Negara
  • Dimas Febriyan Priambodo Politeknik Siber dan Sandi Negara http://orcid.org/0000-0001-5347-3248
  • Ghiffari Adhe Permana Politeknik Siber dan Sandi Negara
  • Wawan Laksito Yuly Saptomo STMIK Sinar Nusantara
  • Sri Siswanti STMIK Sinar Nusantara
  • Muhammad Hasbi STMIK Sinar Nusantara

DOI:

https://doi.org/10.26418/jp.v9i2.62076

Keywords:

Honeypot, Cloud Service, Software-as-a-Service, Kubernetes

Abstract

Honeypot merupakan salah satu strategi yang digunakan untuk melindungi jaringan dari serangan siber. Honeypot digunakan untuk menarik penyerang agar menyerang honeypot tersebut daripada perangkat-perangkat jaringan. Namun, penggunaan honeypot masih jarang terjadi di tingkat korporat maupun individu karena membutuhkan tenaga profesional dan infrastruktur khusus untuk mengelolanya selama implementasi. Berdasarkan permasalahan ini, peneliti mengusulkan solusi Software-as-a-Service  (SaaS) yang disebut Honeypot-as-a-Service  (HaaS). HaaS adalah layanan honeypot berbasis cloud yang dikelola oleh orkestrasi kontainer Kubernetes Cluster. Penggunaan Kubernetes Cluster dirancang untuk mengotomatiskan konstruksi, penjadwalan, pemeliharaan, dan penghapusan honeypot berkontainer. Otomatisasi ini dimaksudkan untuk membantu pelanggan yang ingin menggunakan sistem pertahanan berbasis honeypot dalam jaringan mereka tanpa harus menjalankan honeypot mereka sendiri. Pengguna dapat mendaftar akun dan mengonfigurasi honeypot menggunakan dashboard yang langsung terhubung ke cloud honeypot. Sistem ini sedang dikembangkan di lingkungan pusat data Departemen Keamanan Siber dari Politeknik Siber dan Sandi Negara, yang dikelola dengan manajemen virtualisasi Proxmox Virtual Environment. Komponen-komponen dari sistem HaaS terdiri dari honeypot di Kubernetes Cluster, HaaS-proxy, dan HaaS Dashboard. Sistem yang telah dibuat kemudian diuji availability, performance, functionality, and scenario. Hasil evaluasi sistem menunjukkan bahwa sistem HaaS membutuhkan pengembangan lebih lanjut. Meskipun ketersediaan dan performa sistem HaaS telah memenuhi kriteria layanan berbasis cloud, namun fungsionalitas sistem tidak memenuhi standar layanan SaaS secara umum. Namun, honeypot dibangun untuk memenuhi tujuan honeypot dalam menarik penyerang.

References

M. Cusumano, “Cloud Computing and SaaS as New Computing Platforms,†Commun. ACM, vol. 53, no. 4, pp. 27–29, Apr. 2010,

“Study: Hackers Attack Every 39 Seconds | A. James Clark School of Engineering, University of Maryland.†https://eng.umd.edu/news/story/study-hackers-attack-every-39-seconds (accessed Jan. 25, 2023).

Michael J. Kavis, Architecting the Cloud: Design Decisions for Cloud Computing Service Models (SaaS, PaaS, and IaaS), 1st Editio. Wiley, 2014.

J. M. Jorquera Valero, M. Pérez, A. Huertas, and G. Martinez Perez, “Identification and classification of cyber threats through SSH honeypot systems,†in Handbook of Research on Intrusion Detection Systems, IGI Global, 2020, pp. 105–129.

R. M. Campbell, K. Padayachee, and T. Masombuka, “A survey of honeypot research: Trends and opportunities,†in 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), 2015, pp. 208–212.

A. Tiwari and D. Kumar, “Comparitive Study of Various Honeypot Tools on the Basis of Their Classification & Features,†SSRN Electron. J., 2020,

J. H. Jafarian and A. Niakanlahiji, “Delivering honeypots as a service ,†Proceedings of the Annual Hawaii International Conference on System Sciences, vol. 2020-Janua. pp. 1835–1844, 2020.

M. Boorshtein and S. Surovich, Kubernetes and Docker - An Enterprise Guide: Effectively containerize applications, integrate enterprise systems, and scale applications in your enterprise, 2nd Editio. Birmingham: Packt Publishing, 2021.

G. N. Schenker, H. Saito, H.-C. C. Lee, and H. K.-J. Carol, Getting Started with Containerization: Reduce the operational burden on your system by automating and managing your containers. Birmingham: Packt Publishing, 2019.

V. Sharma, Beginning Elastic Stack, 1st ed. Berkeley, CA: Apress, 2016.

S. Chhajed, Learning ELK Stack. Birmingham: Packt Publishing, 2015.

A. Elazazy, “HoneyProxy Implementation in Cloud Environment with Docker Container HoneyFarm,†2018, [Online]. Available: https://web-proxy.io/proxy/dspace.ut.ee/handle/10062/66115

A. Lysholm and J. Valfridsson, “Developing a modular , high-interaction honeypot using container virtualization,†2021.

J. Buzzio-Garcia, “Creation of a High-Interaction Honeypot System based-on Docker containers,†in 2021 Fifth World Conference on Smart Trends in Systems Security and Sustainability (WorldS4), 2021, pp. 146–151.

D. Sever and T. Kišasondi, “Efficiency and security of docker based honeypot systems,†in 2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2018, pp. 1167–1173.

J. vom Brocke, A. Hevner, and A. Maedche, “Introduction to Design Science Research,†in Design Science Research Cases, J. vom Brocke, A. Hevner, and A. Maedche, Eds. Cham: Springer International Publishing, 2020, pp. 1–13.

V. K. Vaishnavi and W. Kuechler, Design Science Research Methods and Patterns: Innovating Information and Communication Technology, 2nd ed. Florida: CRC Press, 2015.

C. Gupta, “HoneyKube : designing a honeypot using microservice s-based architecture.†Aug. 30, 2021. [Online]. Available: http://essay.utwente.nl/88323/

The Linux Foundation, “Kubernetes.†https://kubernetes.io/ (accessed Jan. 26, 2023).

Y.-L. Chen and Q. Li, Modeling and Analysis of Enterprise and Information Systems. Berlin: Springer Berlin Heidelberg, 2009.

G. Sayfan, Mastering Kubernetes: Large scale container deployment and management. Birmingham: Packt Publishing, 2017.

L. T. M. Blessing and A. Chakrabarti, DRM, a Design Research Methodology. London: Springer London, 2009.

K. Blokland, J. Mengerink, and M. Pol, Testing Cloud Service s: How to Test SaaS, PaaS & IaaS, 1st ed. San Rafael: Rocky Nook, 2013.

I. M. Al Jawarneh et al., “Container Orchestration Engines: A Thorough Functional and Performance Comparison,†in ICC 2019 - 2019 IEEE International Conference on Communications (ICC), 2019, pp. 1–6.

A. A. Khatami, Y. Purwanto, and M. F. Ruriawan, “High Availability Storage Server with Kubernetes,†in 2020 International Conference on Information Technology Systems and Innovation (ICITSI), 2020, pp. 74–78.

A. Yahyaoui, “Testing Deceptive Honeypots,†Naval Postgraduate School, 2014.

E. Bauer and R. Adams, Reliability and Availability of Cloud Computing. Hoboken, New Jersey: Wiley-IEEE Press, 2012.

“Develop, deploy, and evolve with Red Hat Hybrid Cloud | Red Hat Hybrid Cloud.†https://cloud.redhat.com/ (accessed Jan. 26, 2023).

J. Shuja, K. Bilal, S. A. Madani, and S. U. Khan, “Data center energy efficient resource scheduling,†Cluster Comput., vol. 17, no. 4, pp. 1265–1277, 2014.

Downloads

Published

2023-08-18