DEVELOPMENT OF A LIGHTWEIGHT HONEYPOT SYSTEM FOR DETECTING UNAUTHORISED ACCESS ON A LOCAL NETWORK
Faculty
Department
Year of Publication
Keyword
Publication Type
Abstract
This project focuses on the design and implementation of a lightweight honeypot system aimed at detecting and logging unauthorized access attempts on a local network. With cyberattacks
becoming increasingly common and sophisticated, many small organizations lack the tools to properly monitor their networks. Honeypots offer a simple yet effective way to study intrusion behaviour by acting as decoy systems that attract potential attackers. The system developed in this project was built using Python due to its flexibility and strong support for network programming through libraries such as socket, datetime, and logging. It works by listening on a specific network port, recording each incoming connection, and logging details such as the intruder’s IP address, timestamp, and input commands into a text file named honey.txt. Using the prototyping methodology, the system was built and tested within a controlled local
environment using Telnet and Nmap to simulate intrusion attempts. The results confirmed that the honeypot could efficiently detect connections, capture relevant data, and operate smoothly with minimal resource use. Overall, this project shows that lightweight honeypots can provide valuable insights into network security and help raise awareness of potential threats, especially for small organizations and students. Future improvements could include multi-port monitoring, real-time alert features, and database-based log management to enhance system efficiency and scalability.
becoming increasingly common and sophisticated, many small organizations lack the tools to properly monitor their networks. Honeypots offer a simple yet effective way to study intrusion behaviour by acting as decoy systems that attract potential attackers. The system developed in this project was built using Python due to its flexibility and strong support for network programming through libraries such as socket, datetime, and logging. It works by listening on a specific network port, recording each incoming connection, and logging details such as the intruder’s IP address, timestamp, and input commands into a text file named honey.txt. Using the prototyping methodology, the system was built and tested within a controlled local
environment using Telnet and Nmap to simulate intrusion attempts. The results confirmed that the honeypot could efficiently detect connections, capture relevant data, and operate smoothly with minimal resource use. Overall, this project shows that lightweight honeypots can provide valuable insights into network security and help raise awareness of potential threats, especially for small organizations and students. Future improvements could include multi-port monitoring, real-time alert features, and database-based log management to enhance system efficiency and scalability.
Supervisor(s)
co-supervisor