A Comprehensive Research Study on Low-Interaction Secure Shell Honeypot


  • Sudesh Pahal MSIT, New Delhi.
  • Preity Priya MSIT, New Delhi.




Honeypot, SSH logging, Network Security, Deception Technology


This paper details information acquired from a secure shell honeypot, including plaintext login credentials and comprehensive attack data. As the number of data breaches and password leaks rises year after year, more dictionaries of reverse-engineered hashed passwords develop. Besides contributing to educational password dictionaries, this article also attempts to provide information about the geographical makeup of hackers encountered, as well as favored protocols. Its goal is to encourage developers to produce practical honeypot solutions for organizations with limited resources for their cyber-protection, as well as to encourage organizations to implement such measures and study their data. The low-interaction, user-friendly honeypot created is capable of running without manual intervention, and without interfering with parallelly running processes. Besides collecting login credentials used with SSH, in plaintext, its capabilities include recording, analyzing, and sending notifications about suspicious network traffic.

Author Biographies

Sudesh Pahal, MSIT, New Delhi.

Maharaja Surajmal Institute of Technology, New Delhi, India.

Preity Priya, MSIT, New Delhi.

Maharaja Surajmal Institute of Technology, New Delhi, India.


M. Kumar, “Security Issues and Privacy Concerns in the Implementation of Wireless Body Area Network” in 2014 International Conference on Information Technology, 2014.

Khanum, S., Pahal, S., Makkad, A., Panwar, A., & Panwar, A. (2018). Securing Onion Routing Against Correlation Attacks. Advances in Intelligent Systems and Computing, 573–580. https://doi.org/10.1007/978-981-13-1819-1_54

R. C. Joshi and A. Sardana, “Honeypots: A New Paradigm to Information Security”, 1st ed., Science Publishers, 2011.

M. Tsikerdekis, S. Zeadally, A. Schlesener, and N. Sklavos, “Approaches for Preventing Honeypot Detection and Compromise” in Global Information Infrastructure and Networking Symposium (GIIS), 2018.

R. M. Campbell, K. Padayachee, and T. Masombuka, “A survey of honeypot research: Trends and opportunities” in 10th International Conference for Internet Technology and Secured Transactions (ICITST), 2015.

What Is a DMZ and Why Would You Use It? Fortinet. “Reference: Available from: https://www.fortinet.com/resources/cyberglossary/what-is-dmz” (Accessed 28 August 2021).

G. E. J. Du, “A Study on Cyber Defense Honeynet Technology and Configuration Examples” in International Journal of Simulation: Systems, Science & Technology, 2016.

J. Franco, A. Aris, B. Canberk, and A. S. Uluagac, “A Survey of Honeypots and Honeynets for Internet of Things, Industrial Internet of Things, and Cyber-Physical Systems” in IEEE Communications Surveys & Tutorials, 2021.

Turpitka, D. (2020, January 28). When You Can’t Stop Every Cyberattack, Try Honeypots. Forbes. “Reference: Available from: https://www.forbes.com/sites/forbestechcouncil/2020/01/28/when-you-cant-stop-every-cyberattack-try-honeypot” (Accessed 28 August 2021).

M. Sharma, S. Pant, D. Kumar Sharma, K. Datta Gupta, V. Vashishth, & A. Chhabra. “Enabling security for the Industrial Internet of Things using deep learning, blockchain, and coalitions. Transactions on Emerging Telecommunications Technologies”. 2020. – 8

Cole, J. (2011, December 3). SSH Password Logging. “Reference: Available from: https://www.jessecole.org/2011/12/03/ssh-password-logging/” (Accessed 19 October 2021).

W. Cabral, C. Valli, L. Sikos, and S. Wakeling, “Review and Analysis of Cowrie Artefacts and Their Potential to be Used Deceptively” in 2019 International Conference on Computational Science and Computational Intelligence (CSCI), 2019.

Additional Files