Deployment of honeypots for proactive detection of cyber threats

Abstract

In an increasingly threatened digital environment, the need to implement proactive security mechanisms has become critical. This article presents the design, configuration and validation of a honeypot system, focusing on the T-Pot tool, aimed at proactive cyber threat detection. T-Pot, recognized for its modular architecture and versatility, is deployed as the core of a solution capable of capturing, analyzing, and monitoring malicious activities in real time. The work begins with an overview of honeypots and their applications in cybersecurity, emphasizing their relevance as a deception technique to observe and analyze attacker behavior. A flexible and scalable architecture is defined and implemented in a controlled laboratory environment where various attacks are simulated to evaluate system effectiveness. The results validate the honeypot’s ability to identify intrusion attempts and suspicious behavior, demonstrating T-Pot’s effectiveness as a tool for proactive threat detection.