Honeypots are a well-studied defensive measure in network security. This work proposes an effective low-cost honeypot that is easy to deploy and maintain. The honeypot introduced in this work is able to handle commands in a non-standard way by blocking them or replying with an insult to the attacker. To determine the most efficient defense strategy, the interaction between attacker and defender is modeled as a Bayesian two-player game. For the empirical analysis, three honeypot instances were deployed, each with a slight variation in its configuration. In total, over 200 distinct sessions were captured, which allows for qualitative evaluation of post-exploitation behavior. The findings show that attackers react to insults and blocked commands in different ways, ranging from ignoring to sending insults themselves. The main contribution of this work lies in the proposed framework, which offers a low-cost alternative to more technically sophisticated and resource-intensive approaches.

翻译：蜂蜜罐是网络安全中一项经过深思熟虑的防御性措施。 这项工作提出了一个有效的低成本蜂蜜罐,易于部署和维护。 这项工作中引入的蜂蜜罐能够以非标准的方式处理指令,堵住它们或对攻击者进行侮辱。 为了确定最有效的防御战略,攻击者与捍卫者之间的互动模式以巴耶斯双人游戏为模型。 在经验分析中,部署了三个蜂蜜罐案例,每个案例的配置略有不同。 总共捕获了200多个不同的环节,从而可以对剥削后的行为进行定性评估。 调查结果显示,攻击者以不同的方式对侮辱和阻断指令作出反应,从无视到自我侮辱。 这项工作的主要贡献在于拟议的框架,它为技术更先进、资源密集的方法提供了低成本的替代方法。