Lance Spitzner (2002), project HoneyNet founder, defines Honeypots as “a security resource whos value lies in being probed, attacked or compromised,” which implies that when a system is designated as aHoneypot, the target is to get it exploited, delved and attacked. The idea is to falsely present the system as available for being probed so that the administrator could evaluate its weak areas and the hacker can be traced. Since Honeypots only act like live systems and do not contain live data therefore, the intruder can never comprehend that the network is fake. This aspect, however, paves the way for ethical concerns since Honeypots involve making the systemvulnerable to outside attacks. The strategy of entrapment that Honeypots entail has also becomes controversial matter. However, Honeypots has its fair share of pluses and minuses, which are described below.
1. Honeypots inform about the shortcomings in security systems. Usage of Honeypots although poses a threat to the system but from a long-term perspective it can encourage introduction of more secure, effective and alert security systems. Scottberget al., assert that “tracking an intruder in a honeypot reveals invaluable insights into attacker techniques and ultimately motives so that production systems can be better protected. You may learn of vulnerabilities before they are exploited” (2002, pp. 388).
2. Kurt Kleiner(2005) believes that Honeypots are advantageous for information systems because of their ability of containing and/or fighting viruses. Honeypots can be considered as healing hubs that “would attract a virus, analyse it automatically, and then distribute a counter measure” (Kleiner 2005).
3. Mark Edmead(2002) considers Honeypot as beneficial because in comparison to IDS (Intrusion Detection System) it only collects small data, which limits the network bandwidth requirement as well as the amount of data to be ...