Escape the Fake: Introducing Simulated Container-Escapes for Honeypots

In the field of network security, the concept of honeypots is well established in research as well as in production. Honeypots are used to imitate a legitimate target on the network and to raise an alert on any interaction. This does not only help learning about a breach, but also allows researchers to study the techniques of an attacker. With the rise of cloud computing, container-based virtualization gained popularity for application deployment. This paper investigates the possibilities of container-based honeypots and introduces the concept of simulating container escapes as a deception technique.