TY - GEN
T1 - Log4jPot
T2 - 33rd Irish Signals and Systems Conference, ISSC 2022
AU - Sopariwala, Shein
AU - Fallon, Enda
AU - Asghar, Mamoona Naveed
N1 - Publisher Copyright: © 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - The global digital landscape is changing rapidly with the advances in science and technology. A plethora of new breakthroughs are being made every day in several different fields, such as Internet infrastructure, Web 3.0, and AR/VR technologies. With these ever-increasing digital advancements, cybersecurity threats and vulnerabilities are also being exploited daily. In recent times, another critical vulnerability, 'Log4Shell', was identified in the logging tool Log4j. The ubiquity of this logging tool among many worldwide online services has exposed millions of devices to this vulnerability. In order to address this critical issue, the paper presents a framework for improving system security against Log4j attacks. The proposed framework deploys an in-house honeypot to detect and defend against various types of Log4j payloads. Experimental results prove the efficiency and accuracy of Log4j payload detection with an average execution time of 80.104 milliseconds for all utilized HTTP methods. In addition, the paper describes Log4Shell vulnerabilities, webhooks, and provides a comparative assessment with previously proposed solutions.
KW - Detection
KW - FastAPI
KW - Log4j
KW - Low interaction honeypot
KW - Python
KW - Webhooks
UR - http://www.scopus.com/inward/record.url?scp=85135878872&partnerID=8YFLogxK
U2 - 10.1109/ISSC55427.2022.9826147
DO - 10.1109/ISSC55427.2022.9826147
M3 - Conference contribution
AN - SCOPUS:85135878872
SN - 9781665452274
T3 - 2022 33rd Irish Signals and Systems Conference, ISSC 2022
BT - 2022 33rd Irish Signals and Systems Conference, ISSC 2022
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 9 June 2022 through 10 June 2022
ER -