Large-scale SSH honeypot deployment shows 99.23% of authenticated sessions are non-interactive, suggesting most attacks do not involve shell interaction.
IEEE Access12, 144579–144587 (2024)
2 Pith papers cite this work. Polarity classification is still indexing.
2
Pith papers citing it
fields
cs.CR 2years
2026 2verdicts
UNVERDICTED 2representative citing papers
AdvancedShelLM deploys a manager-worker multi-LLM architecture and stateful filesystem for SSH honeypots, reporting up to 99% unit-test pass rates and evidence that its outputs alter real attacker behavior in deployment.
citing papers explorer
-
Ghost Without Shell: Measuring Non-Interactive SSH Attacks on Honeypots
Large-scale SSH honeypot deployment shows 99.23% of authenticated sessions are non-interactive, suggesting most attacks do not involve shell interaction.
-
AdvancedShelLM: A Stateful Multi-Agent LLM Honeypot for SSH Deception
AdvancedShelLM deploys a manager-worker multi-LLM architecture and stateful filesystem for SSH honeypots, reporting up to 99% unit-test pass rates and evidence that its outputs alter real attacker behavior in deployment.