Holoscope: Open and Lightweight Distributed Telescope & Honeypot Platform
By: Andrea Sordello , Marco Mellia , Idilio Drago and more
The complexity and scale of Internet attacks call for distributed, cooperative observatories capable of monitoring malicious traffic across diverse networks. Holoscope is a lightweight, cloud-native platform designed to simplify the deployment and management of distributed telescope (passive) and honeypot (active) sensors, used to collect and analyse attack traffic by exposing or simulating vulnerable systems. Built upon K3s and WireGuard, Holoscope offers secure connectivity, automated node onboarding, and resilient operation even in resource-constrained environments. Through modular design and Infrastructure-as-Code principles, it supports dynamic sensor orchestration, automated recovery and processing. We build, deploy and operate Holoscope across multiple institutions and cloud networks in Europe and Brazil, enabling unified visibility into large-scale attack phenomena while maintaining ease of integration and security compliance.
Similar Papers
Implementation of Honeynet and Honeypot in Network Infrastructure in Production Network
Networking and Internet Architecture
Catches hackers by tricking them with fake computer systems.
Characterizing Large-Scale Adversarial Activities Through Large-Scale Honey-Nets
Cryptography and Security
Catches hackers trying to break into computers.
Automated Hardware Trojan Insertion in Industrial-Scale Designs
Cryptography and Security
Creates fake computer bugs to test security.