Enhancing Cybersecurity Through Honeypot Integration with Deep Learning: A Dual-Phase Approach to Threat Detection

Authors

  • Sweety Jachak Dmepartent of Computer Engineering Department, Guru Gobind Singh College of Engineering and Research Centre, Nashik, Maharashtra, India
  • Shital Aher Information Technology Department, Sir Visvesvaraya Institute of Technology, Nashik, Maharashtra, India
  • Gokul Mahajan Department of Mechanical engineering, Shatabdi Institute of Engineering and Research, Nashik, Maharashtra, India
  • Megha Rode Department of Computer Science Engineering, Ramdeobaba University, Nagpur, Maharashtra, India
  • Gulrukh Nazneen Department of Computer Science and Engineering, Ramdeobaba University, Nagpur, Maharashtra, India

DOI:

https://doi.org/10.70917/ijcisim-2026-2848

Keywords:

Cybersecurity, Honeypot System, SYN-food Attacks, Pentbox Tool, CNN, Random Forest, KNN

Abstract

This research aims at assessing the effectiveness of a two-stage approach to enhance cybersecurity through the use of honeypot systems and machine learning algorithms. The first stage is to use honeypots with the Pentbox tool and a Flask-based application to detect and report malicious activity like SYN-flood attacks. The Pentbox tool was used as a quick-deployable tool to record the detailed attack information, in tandem with Flask-based honeypot that allowed the extensive analysis of the HTTP requests and responses. In the second phase, the collected data was pre-processed and fed into deep learning - machine learning hybrid algorithms like CNNs hybridized with Random Forest, Naive Bayes, K-Nearest Neighbour (KNN), and Logistic Regression to identify and classify the cyber risks. The CNN with Random Forest model gave the best results as compared to the other models with an accuracy of 0.96, precision of 0.98, recall of 0.82, and F1-score of 0.88. This higher performance is as a result of its ensemble-ness which helps in minimizing over-fitting and at the same time correctly dealing with both nominal and ordinal data. The honeypots were able to collect important information of DoS-attack and the ML models, particularly the Random Forest model, was effective in the identification of threats and their categorisation. This integrated strategy not only improves the threat detection, but it also has significant implications for the development of real-time cybersecurity solutions, providing organisations with powerful means to counter current and emerging cyber threats.

Downloads

Download data is not yet available.

Downloads

Published

2026-07-07

How to Cite

Sweety Jachak, Shital Aher, Gokul Mahajan, Megha Rode, & Gulrukh Nazneen. (2026). Enhancing Cybersecurity Through Honeypot Integration with Deep Learning: A Dual-Phase Approach to Threat Detection. International Journal of Computer Information Systems and Industrial Management Applications, 18(5s), 1011–1025. https://doi.org/10.70917/ijcisim-2026-2848

Issue

Section

Original Articles