Honeypots in the Age of Generative AI: A Framework for Risk-Aware Threat Detection and Cyber Deception
DOI:
https://doi.org/10.63282/3050-922X.IJERET-V4I1P113Keywords:
Honeypots, Cyber Deception, Generative AI, Risk-Aware Security, Adaptive Threat Detection, AI-Augmented Cyber DefenseAbstract
The rapid advancement of generative artificial intelligence (AI) has introduced both novel opportunities and significant challenges in cybersecurity. Traditional honeypots, long employed to detect, analyze, and deceive malicious actors, face limitations in addressing highly adaptive, AI-driven threats. This paper presents a risk-aware framework for AI-augmented honeypots, designed to enhance threat detection while minimizing operational, legal, and ethical risks. The framework integrates generative AI techniques to create dynamic, interactive, and realistic decoy environments, enabling improved engagement and intelligence collection from sophisticated adversaries. We propose a risk scoring model to evaluate potential hazards associated with AI-driven deception, and illustrate the framework’s implementation through a prototype leveraging synthetic environments, automated response engines, and adaptive interaction strategies. Experimental results demonstrate increased detection efficacy, prolonged attacker engagement, and actionable intelligence extraction compared to conventional honeypots. Finally, we provide operational guidelines and ethical considerations to inform safe deployment in enterprise and cloud environments. This study offers a systematic approach to modernize honeypot design in the age of generative AI, supporting proactive cyber defense and strategic deception
References
[1] Al-Junaid, E. W. (2017). Honeypots technology in combat cybercrimes. European International University Conference Proceedings, 1(1), 45–52.
[2] Shameli-Sendi, A., Jafarian, J., & Dagenais, M. (2017). A survey of active cyber defense techniques and tools. ACM Computing Surveys, 50(5), 1–37. https://doi.org/10.1145/3123772
[3] Mairh, A., Barik, R. K., Verma, G., & Jena, D. P. (2018). Honeypot in network security: A survey. International Journal of Computer Applications, 179(18), 1–9.
[4] Fraunholz, D., Zimmermann, M., & Schotten, H. D. (2018). A comprehensive literature review of honeypots. EURASIP Journal on Information Security, 2018(1), 1–17. https://doi.org/10.1186/s13635-018-0071-4
[5] Sokolov, M., & Nazarov, A. (2018). High-interaction honeypot system for network attack detection. Journal of Information Security, 9(2), 81–90.
[6] Mohurle, S., & Patil, M. (2019). Deception technologies for cyber defense: A survey. International Journal of Computer Sciences and Engineering, 7(6), 952–960.
[7] Shinde, A., Doshi, P., & Setayeshfar, O. (2020). Active deception using factored interactive POMDPs to recognize cyber attacker’s intent. IEEE Transactions on Games, 12(4), 398–408. https://doi.org/10.1109/TG.2020.3014487
[8] Tom, A., & Nachappa, M. N. (2020). A study on honeypots and deceiving attacker using modern honeypot network. International Journal of Trend in Scientific Research and Development, 4(6), 85–89.
[9] Wang, P., Zhang, Z., Lv, T., & Liu, Y. (2020). A deception-based cyber defense model for intelligent networks. IEEE Access, 8, 184199–184210. https://doi.org/10.1109/ACCESS.2020.3028814
[10] Zarca, A. M., Bernabe, J. B., & Skarmeta, A. (2020). HADES-IoT: An IoT cyber-security intrusion detection system based on honeypots. Sensors, 20(16), 4512. https://doi.org/10.3390/s20164512
[11] Aggarwal, P., Du, Y., Singh, K., & Gonzalez, C. (2021). Decoys in cybersecurity: An exploratory study to test the effectiveness of two-sided deception. Frontiers in Psychology, 12, 734563. https://doi.org/10.3389/fpsyg.2021.734563
[12] Franco, J., Aris, A., Canberk, B., & Uluagac, A. S. (2021). A survey of honeypots and honeynets for IoT, IIoT, and CPS: Motivations, challenges, and recommendations. IEEE Communications Surveys & Tutorials, 23(4), 2351–2383. https://doi.org/10.1109/COMST.2021.3101000
[13] Katt, B., Beckers, K., & Wieringa, R. (2021). Cyber deception: State-of-the-art, challenges, and future directions. Computers & Security, 108, 102376. https://doi.org/10.1016/j.cose.2021.102376
[14] Panda, S., Rass, S., Moschoyiannis, S., Liang, K., Loukas, G., & Panaousis, E. (2021). HoneyCar: A framework to configure honeypot vulnerabilities on the Internet of Vehicles. IEEE Transactions on Intelligent Transportation Systems, 23(11), 20495–20507. https://doi.org/10.1109/TITS.2021.3134201
[15] Iyer, K. I. (2021). Adaptive honeypots: Dynamic deception tactics in modern cyber defense. International Journal of Scientific Research in Computer Science & Engineering, 9(1), 1–8.
[16] Kumar, V., Bhardwaj, S., Chouksey, P., Sadotra, P., & Chopra, M. (2021). Emerging trends in honeypot research: A review of applications and techniques. International Journal of Human Computing Studies, 4(2), 74–88.
[17] Morozov, D. S., Yefimenko, A. A., Nikitchuk, T. M., Kolomiiets, R. O., & Semerikov, S. O. (2022). The sweet taste of IoT deception: An adaptive honeypot framework for design and evaluation. Journal of Engineering and Computer Sciences, 27(1), 122–134.
[18] Gopireddy, S. R. (2022). AI-powered honeypots: Enhancing deception technologies for cyber defense. International Journal of Advanced Computer Science, 12(3), 51–58.
[19] Singh, A., & Joshi, R. (2022). A comprehensive review of cyber deception technologies in modern threat environments. Journal of Cybersecurity Technology, 6(2), 178–197. https://doi.org/10.1080/23742917.2021.2005789
[20] Mahbooba, Z., Palomares, I., & Agiollo, Á. (2022). A multi-agent cyber deception framework for adaptive attacker engagement. IEEE Access, 10, 119453–119468. https://doi.org/10.1109/ACCESS.2022.3219082
