Experimental Study of Honeypot-Based Cyber Attack and Data Collection in Campus Network Environment

Authors

  • Sugiyatno Sugiyatno Universitas Bhayangkara Jakarta Raya, Indonesia
  • Imam Riadi Universitas Ahmad Dahlan, Indonesia
  • Rusydi Umar Universitas Ahmad Dahlan, Indonesia

DOI:

https://doi.org/10.35842/ijicom.v8i1.255

Keywords:

Honeypot, Cyberattack Detection, Random Forest, Network Security

Abstract

Cyberattacks continue to pose significant threats to organizational networks, requiring intelligent and adaptive detection mechanisms capable of identifying evolving attack patterns. This study proposes a honeypot-based cyberattack detection framework that integrates deception technology with the Random Forest machine learning algorithm to classify malicious activities captured from real-world network environments. During a seven-day observation period, the honeypot system captured 500 cyberattack events targeting SSH, Telnet, HTTP, and SMB services. SSH brute-force attacks dominated the dataset, accounting for 42% of all recorded incidents, followed by Telnet login attempts (24%), HTTP exploits (19%), and SMB exploits (15%). Behavioral analysis revealed recurring attack patterns, including automated brute-force attempts, sequential port scanning, and distributed attack activities originating from multiple IP addresses. Experimental results demonstrate that the Random Forest classifier achieved an accuracy of 92.40%, precision of 91.80%, recall of 90.90%, and F1-score of 91.30%. The confusion matrix further indicates that the model successfully distinguished among attack categories with minimal misclassification. In particular, the SSH class achieved a precision of 0.95, a recall of 0.94, and an F1-score of 0.94. These findings demonstrate that honeypot-generated datasets effectively support machine learning-based intrusion detection and enable accurate cyberattack classification.

Downloads

Download data is not yet available.

Downloads

Published

2026-06-18

How to Cite

Sugiyatno, S., Riadi, I., & Umar, R. (2026). Experimental Study of Honeypot-Based Cyber Attack and Data Collection in Campus Network Environment . International Journal of Informatics and Computation, 8(1), 510–520. https://doi.org/10.35842/ijicom.v8i1.255