- Balkan Journal of Electrical and Computer Engineering
- Volume: 12 Issue: 4
Analysis of Malicious Files Gathering via Honeypot Trap System and Benchmark of Anti-Virus Software
Authors : Melike Başer, Ebu Yusuf Güven, Muhammed Ali Aydın
Pages : 337-348
Doi:10.17694/bajece.1506554
Publication Date : 2025-01-07
Article Type : Research Paper
Abstract : In the age of widespread digital integration, the rise in cyber threats is evident. Cyber attackers use malicious software (malware) to compromise data and exploit system resources, employing tactics such as remote control or ransom through data encryption. Despite the common use of antivirus software with signature-based detection, this study reveals its limitations. Using a honeypot trap system on Google Cloud, suspicious files uploaded by attackers were analyzed. Results from evaluating these files with 64 antivirus programs show that relying solely on signature-based methods is insufficient. Only three programs had success rates exceeding 90%, while the majority had success rates predominantly below 70%. This underscores the need for diverse detection techniques alongside signature-based methods to enhance cybersecurity. The repository containing collected malicious files and the Python script is available on GitHub, serving as a valuable research resource for further exploration.
Keywords : Malware, Honeypot, Antivirus Benchmark, Signature-based, Malware Dataset