Artificial Intelligence (AI) Honeypots

Result Type

Scientific/Technological R&D Result including ICT Hardware

Lead Developer

Future Intelligence Ltd

Keywords

Early Detection, Smart Honeypots, Virtual Decoys, Warning System, Artificial Intelligence (AI)

Our unique value consists of providing a solution that can be both accommodated in cloud and on-premise (addressing as such any Cloud-derived security/privacy concerns) deployments providing a consistent experience form the users; further to that the utilisation of acceleration from the hardware versions enables for the edge-based cyber-attack detection and analysis by providing results on the spot; finally the, offer of an open API and the adoption of standards (e.g. STIX) for sharing the cyber-attacks information promotes the solution's inter-operability by a) facilitating its integration in already deployed cyber-attack detection warning ecosystems and b) by enabling it to exploit third-party AI algorithms towards extending the detection capabilities range. In this context, the honeypots will contribute to detecting faster the launched cyber-attacks, thus enabling the business to take faster the proper actions and as such minimise the negative impact on the business in terms of affected assets (e.g. disrupted IT systems and services), lost profits from the services' disruption, lost reputation, and lost work hours.

Result Type

AI Honeypots of SPHINX are realised both as virtual and hardware appliances. The virtual one is based on docker framework making it suitable for both cloud and on-premise installations; the hardware one mainly suited for on-premise installations comes in two flavours, the first one based on a low-cost Advanced RISC Machine (ARM) system – Quad-core Cortex-A7 central processing unit (CPU) – that is able to support lightweight detection algorithms whereas the second one is capable of operating as a honeypot and a router system, with the capability of handling computing-intensive algorithms without a noticeable delay for the attacker. To achieve this, the system utilises programmable logic in the form of a compact low power field-programmable gate array (FPGA) module. SPHINX AI Honeypots are to be part of an organisation’s cyber defence arsenal aiming to detect manifested cyber-attacks as early as possible by luring the adversaries to attack them instead of the real production IT systems. In this direction, the honeypots host vulnerable services that may be considered targets from an adversary.

Target Business Sectors / EU Policy Areas

  • Business and industry
  • Digital economy and society
  • Research and innovation

Contribution to UN Sustainable Development Goals