A report on the security of home connections with IoT and docker honeypots

This paper collects information related to attacks that may affect the security of home devices and software. In particular, we focus on i) IoT attacks, exploiting low energy consumption hardware or enhanced appliances, and ii) applications running in Docker containers, which is now a very common means to run lightweight virtual machines. To gather the attack information we adopt honeypots, i.e. programs that simulate well-known services and protocols, or systems that can be targeted by bots or malicious people. Honeypots log all the activity performed on their interface, without implementing the service completely. We use three different honeypots (Cowrie, Dionaea, and Whaler), each of them able to simulate different services. All of them are installed on a Raspberry Pi by using different virtualisation technologies, and exposed to the world through a simple home data-connection. Information is then processed, queried, and visualised by using ELK.