In the world of information technology and the Internet, the proliferation of connected objects, online services, and the amount of data in transit, has led to the emergence of a new paradigm called Edge computing. This concept brings IT intelligence closer to the periphery to meet the demands of these increases. Through the various layers that make up it, attacks are constant, and devices connected to the Internet are continually scanned by hackers who try to find valuable data, critical applications, and vulnerabilities in network infrastructures. A pot of honey is by vocation, an information system, more or less artificial, whose main purpose is to be probed, attacked, and possibly compromised in order to make a hacker believe that he has penetrated the organization’s real network. Thanks to the honey pot, the hacker is removed from the real network and its activities and movements can be captured and monitored. The information collected about attackers allows us to study their methods, motivations, and attack techniques they use to penetrate or corrupt a system. The aim is to develop ways to improve system security and prevent future attacks. One of the areas affected by these security improvements is the software development industry. It is increasingly turning to movements such as DevOps, which improve the performance and quality of software, facilitate collaboration between development, security, and operations teams, but also to reduce the life cycle of development. One of the major problems of this life cycle is the lack of continuous integration of security. Security issues are often considered far too late in the development phases and when they appear a posteriori, they can have significant financial implications. To reduce threats and address this lack of security, DevOps is moving to DevSecOps, which adds a layer of security to the pipeline, integrating solutions throughout the development lifecycle. As part of this work, we propose the implementation of a DevSecOps architecture, in the context of Edge Computing, integrating a honey pot solution in order to respond to a threat. The concept of Edge Computing is materialized by an autonomous car representing a connected object and the threat will be manifested by the creation of a back door allowing the control of the autonomous vehicle. Following the discovery of this threat, a response is provided by the deployment of a honeypot using continuous deployment and integration tools, specific to the DevSecOps pipeline.
- Honeypot
- DevSecOps
- Edge Computing
- Honeypot Pattern
Integration of a honeypot solution into a DevSecOps pipeline in an Edge Computing context
BOUHOU, A. (Author). 1 Sept 2022
Student thesis: Master types › Master in Computer science