HoPLA: a Honeypot Platform to Lure Attackers

Chiapponi, Elisa; Catakoglu, Onur; Thonnard, Olivier; Dacier, Marc
C&ESAR 2020, Computer & Electronics Security Applications Rendez-vous, Deceptive security Conference, part of European Cyber Week, 14-15 December, Rennes, France

Airline websites are the victims of unauthorized online travel agencies and aggregators that use armies of bots to scrape prices and flight information. These so-called Advanced Persistent Bots (APBs) are highly sophisticated. They are provided by specialized companies that offer them as bots as a service" and they leverage professional proxy-
ing companies (mis)using millions of residential IP addresses. On top of the valuable information taken away, these huge quantities of requests consume a very substantial amount of resources on the airline websites. In this work, we present a platform capable of mimicking these sites, at a much lower cost, and we provide early results on an experiment in which we have lured for almost 2 months several bots and have fed them
indistinguishable inaccurate information.

Digital Security
Eurecom Ref:

PERMALINK : https://www.eurecom.fr/publication/6366