Australian Digital Forensics Conference

Document Type

Conference Proceeding


School of Computer and Information Science, Edith Cowan University, Perth, Western Australia


Can a hacker be controlled by predetermined deception? Limiting the decision making capabilities of hackers is one technique of network countermeasure that a honeynet enables. By furnishing a honeynet with a realistic range of services but restricted vulnerabilities, a hacker may be forced to direct their attacks to the only available exploits. This research discusses the deployment of a honeynet configured with a deceptive TELNET and TFTP exploit. Four hackers were invited to attack the honeynet and the analysis of their compromise identified if they engaged in a guided pathway to the intended deception. Hand trace analysis was performed on network log files to determine their primary attack vector. Conceptual analysis and frequency analyses methods were adopted to verify the hacker’s compromise and subsequent deception. The results demonstrated how three out of four hackers were lead down a misguided pathway of network deception.


Originally published in the Proceedings of the 4th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, December 4th 2006.