{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T17:37:12Z","timestamp":1779903432281,"version":"3.53.1"},"publisher-location":"Singapore","reference-count":33,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819788002","type":"print"},{"value":"9789819788019","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,12,25]],"date-time":"2024-12-25T00:00:00Z","timestamp":1735084800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,25]],"date-time":"2024-12-25T00:00:00Z","timestamp":1735084800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-97-8801-9_13","type":"book-chapter","created":{"date-parts":[[2024,12,24]],"date-time":"2024-12-24T07:05:43Z","timestamp":1735023943000},"page":"253-272","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["HoneyLLM: A Large Language Model-Powered Medium-Interaction Honeypot"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7363-9695","authenticated-orcid":false,"given":"Wenjun","family":"Fan","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-2683-7033","authenticated-orcid":false,"given":"Zichen","family":"Yang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yuanzhen","family":"Liu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Lang","family":"Qin","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jia","family":"Liu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2024,12,25]]},"reference":[{"key":"13_CR1","volume-title":"Honeypots: Tracking Hackers","author":"L Spitzner","year":"2002","unstructured":"Spitzner, L.: Honeypots: Tracking Hackers. Addison-Wesley Longman Publishing Co., Inc., Boston (2002)"},{"issue":"4","key":"13_CR2","doi-asserted-by":"publisher","first-page":"3906","DOI":"10.1109\/JSYST.2017.2762161","volume":"12","author":"W Fan","year":"2018","unstructured":"Fan, W., Zhihui, D., Fern\u00e1ndez, D., Villagr\u00e1, V.A.: Enabling an anatomic view to investigate honeypot systems: a survey. IEEE Syst. J. 12(4), 3906\u20133919 (2018)","journal-title":"IEEE Syst. J."},{"key":"13_CR3","unstructured":"Provos, N., Holz, T.: Virtual Honeypots: From Botnet Tracking to Intrusion Detection, 1st edn. Addison Wesley (2007)"},{"key":"13_CR4","unstructured":"Jiang, X., Xu, D.: Collapsar: a VM-based architecture for network attack detention center. In: USENIX Security Symposium, pp. 15\u201328 (2004)"},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"Vrable, M., et al.: Scalability, fidelity, and containment in the Potemkin virtual honeyfarm. In: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles - SOSP \u201905, p. 148, Brighton, United Kingdom. ACM Press (2005)","DOI":"10.1145\/1095810.1095825"},{"key":"13_CR6","doi-asserted-by":"publisher","DOI":"10.1016\/j.lindif.2023.102274","volume":"103","author":"E Kasneci","year":"2023","unstructured":"Kasneci, E., et al.: Chatgpt for good? On opportunities and challenges of large language models for education. Learn. Individ. Differ. 103, 102274 (2023)","journal-title":"Learn. Individ. Differ."},{"issue":"3","key":"13_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3641289","volume":"15","author":"X Yupeng Chang","year":"2024","unstructured":"Yupeng Chang, X., et al.: A survey on evaluation of large language models. ACM Trans. Intell. Syst. Technol. 15(3), 1\u201345 (2024)","journal-title":"ACM Trans. Intell. Syst. Technol."},{"key":"13_CR8","unstructured":"Provos, N.: A virtual honeypot framework. In: Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13, SSYM\u201904, p. 1, Berkeley, CA, USA. USENIX Association (2004)"},{"key":"13_CR9","unstructured":"The\u00a0Honeynet Project. Dionaea - catched bugs, November 2019"},{"key":"13_CR10","unstructured":"G\u00f6bel, J.G.: AMUN: a python honeypot (2009)"},{"key":"13_CR11","doi-asserted-by":"crossref","unstructured":"Portokalidis, G., Slowinska, A., Bos, H.: Argos: an emulator for fingerprinting zero-day attacks for advertised honeypots with automatic signature generation. In: Proceedings of the 1st ACM SIGOPS\/EuroSys European Conference on Computer Systems 2006, EuroSys \u201906, pp. 15\u201327, New York, NY, USA. ACM (2006)","DOI":"10.1145\/1217935.1217938"},{"key":"13_CR12","unstructured":"Oosterhof, M.: Cowrie (2016)"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Wu, S., Fan, W.: An SDN-NFV-enabled honeypot for manipulating command & control shell TCP connection. In: NOMS 2023-2023 IEEE\/IFIP Network Operations and Management Symposium, pp. 1\u20135 (2023)","DOI":"10.1109\/NOMS56928.2023.10154330"},{"key":"13_CR14","unstructured":"openai. chatgpt, November 2022"},{"key":"13_CR15","unstructured":"Fu, Y., Peng, H., Khot, T.: How does GPT obtain its ability? Tracing emergent abilities of language models to their sources. Yao Fu\u2019s Notion (2022)"},{"key":"13_CR16","unstructured":"Brown, T., et al.: Language models are few-shot learners. In: Advances in Neural Information Processing Systems, vol. 33, pp. 1877\u20131901 (2020)"},{"key":"13_CR17","doi-asserted-by":"crossref","unstructured":"Pearce, H., Ahmad, B., Tan, B., Dolan-Gavitt, B., Karri, R.: Asleep at the keyboard? assessing the security of github copilot\u2019s code contributions. In: 2022 IEEE Symposium on Security and Privacy (SP), pp. 754\u2013768 (2022)","DOI":"10.1109\/SP46214.2022.9833571"},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Pearce, H., Tan, B., Ahmad, B., Karri, R., Dolan-Gavitt, B.: Examining zero-shot vulnerability repair with large language models. In: 2023 IEEE Symposium on Security and Privacy (SP), pp. 2339\u20132356 (2023)","DOI":"10.1109\/SP46215.2023.10179420"},{"key":"13_CR19","doi-asserted-by":"crossref","unstructured":"He, J., Vechev, M.: Large language models for code: security hardening and adversarial testing. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pp. 1865\u20131879 (2023)","DOI":"10.1145\/3576915.3623175"},{"key":"13_CR20","doi-asserted-by":"crossref","unstructured":"Hu, P., Liang, R., Chen, H.: DeGPT: optimizing decompiler output with LLM. In: Proceedings 2024 Network and Distributed System Security Symposium (2024). https:\/\/api.semanticscholar.org\/CorpusID, vol. 267622140 (2024)","DOI":"10.14722\/ndss.2024.24401"},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"Meng, R., Mirchev, M., B\u00f6hme, M., Roychoudhury, A.: Large language model guided protocol fuzzing. In: Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS) (2024)","DOI":"10.14722\/ndss.2024.24556"},{"key":"13_CR22","unstructured":"Fang, R., Bindu, R., Gupta, A., Zhan, Q., Kang, D.: LLM agents can autonomously hack websites. arXiv preprint arXiv:2402.06664 (2024)"},{"key":"13_CR23","unstructured":"Fang, R., Bindu, R., Gupta, A., Kang, D.: LLM agents can autonomously exploit one-day vulnerabilities. arXiv preprint arXiv:2404.08144 (2024)"},{"key":"13_CR24","unstructured":"Fang, R., Bindu, R., Gupta, A., Zhan, Q., Kang, D.: Teams of LLM agents can exploit zero-day vulnerabilities. arXiv preprint arXiv:2406.01637 (2024)"},{"key":"13_CR25","unstructured":"Deng, G., et al.: Pentestgpt: evaluating and harnessing large language models for automated penetration testing. In: USENIX Security Symposium (2024)"},{"key":"13_CR26","unstructured":"TJ\u00a0Dunham and Henry Syahputra. Reactor mk. 1 performances: MMLU, Humaneval and BBH test results. arXiv preprint arXiv:2406.10515, 2024"},{"key":"13_CR27","doi-asserted-by":"crossref","unstructured":"Sun, W., Yuan, C., Fan, W.: A measurement of real-world attack connections toward honeypots. In: 2022 IEEE International Symposium on Measurements & Networking (M &N), pp. 1\u20136 (2022)","DOI":"10.1109\/MN55117.2022.9887774"},{"key":"13_CR28","unstructured":"Zhong, Z., Fan, W.: A honey-imprint enabled approach for resisting social engineering attacks. In: 2023 24th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 302\u2013305 (2023)"},{"key":"13_CR29","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103424","volume":"134","author":"T McIntosh","year":"2023","unstructured":"McIntosh, T., et al.: Harnessing GPT-4 for generation of cybersecurity GRC policies: a focus on ransomware attack mitigation. Comput. Secur. 134, 103424 (2023)","journal-title":"Comput. Secur."},{"key":"13_CR30","doi-asserted-by":"crossref","unstructured":"Akbar, K.A., et al.: Knowledge mining in cybersecurity: from attack to defense. In: Data and Applications Security and Privacy XXXVI, pp. 110\u2013122 (2022)","DOI":"10.1007\/978-3-031-10684-2_7"},{"key":"13_CR31","unstructured":"Ravi, A., Surve, T.: Exploring applications of NLP to create deceptive sandbox environments with honeyfiles"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Sladi\u0107, M., Valeros, V., Catania, C., Garcia, S.: LLM in the shell: generative honeypots. arXiv preprint arXiv:2309.00155 (2023)","DOI":"10.1109\/EuroSPW61312.2024.00054"},{"key":"13_CR33","unstructured":"Wang, Z., et al.: HoneyGPT: breaking the trilemma in terminal honeypots with large language model. arXiv preprint arXiv:2406.01882 (2024)"}],"container-title":["Lecture Notes in Computer Science","Information and Communications Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-97-8801-9_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,24]],"date-time":"2024-12-24T08:04:38Z","timestamp":1735027478000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-97-8801-9_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,25]]},"ISBN":["9789819788002","9789819788019"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-981-97-8801-9_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,25]]},"assertion":[{"value":"25 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information and Communications Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Mytilene","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 August 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 August 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icics2024.aegean.gr","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}