Proceedings of the 3rd International Conference on Computing and Informatics, ICOCI 2011,8-9 June, 2011 Bandung, Indonesia Paper No. 057 371 DEVELOPMENT OF A SINGLE HONEYPOT SYSTEM INTERFACE Siti Rohaidah Ahmad 1 , Arniyati Ahmad 2 , Nazatul Naquiah Ahba Abd Hamid 3 , Mohd Sharif Ab Rajab 4 , Nor Fatimah Awang 5 , and Muslihah Wook 6 1 Universiti Pertahanan Nasional Malaysia (UPNM), Malaysia, sitirohaidah@upnm.edu.my 2 Universiti Pertahanan Nasional Malaysia (UPNM), Malaysia, arniyati@upnm.edu.my 3 Universiti Pertahanan Nasional Malaysia (UPNM), Malaysia, nazatul@upnm.edu.my 4 Universiti Pertahanan Nasional Malaysia (UPNM), Malaysia, sharif_liger@yahoo.com 5 Universiti Pertahanan Nasional Malaysia (UPNM), Malaysia, norfatimah@upnm.edu.my 6 Universiti Pertahanan Nasional Malaysia (UPNM), Malaysia, muslihah@upnm.edu.my ABSTRACT. Networking is crucial to any organization which interconnecting systems all around the globe. However, networking is exposed to the increase of threats that have been detected which reducing the organization’s security level. Perpetrators of cybercrime will take this advantage to exploit other systems in their network. To enhance the security level of networking, Honeypot technology has been created to detect the unauthorized use of network. This paper focuses on development of batch files that execute a normal computer as a Honeypot. The main goal of this system is to capture information on every network attacks. Technically, this paper will guide user in Honeypot configuration process. Keywords: Honeypot technology, cybercrime, Honeypot interface INTRODUCTION Network Intrusion Detection System is a system used to detect any illegal activities occurred in a computer network. There are various malicious network traffic and computer usage for instance network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malwares. In the advance of systems and superb technology, most users ignore the security part when using the technology. Honeypot is not new in cyber-technology. Honeypot acts as surveillance and manage to detect and capture the attackers of computer network system. The development of batch scripting which contains instructions for generating a single Honeypot will be introduced in the next section in this paper. HONEYPOT Referring to the definition of Honeypot by the author of Tracking Hackers, “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource” (Spitzner, 2003). In a computer jargon, Honeypot is a tool to get information about the attacker. It is designed for inspection and attacked. Furthermore, network administrators can learn about activities that can harm and monitor the trends of these activities. Honeypot will give early warning if the system encountered with attacks. Despite that, Honeypot has its own drawback. If Honeypot is not walled off appropriately; this can benefit the attacker to break into a system by using it.