Log4jPot: Effective Log4Shell Vulnerability Detection System

The global digital landscape is changing rapidly with the advances in science and technology. A plethora of new breakthroughs are being made every day in several different fields, such as Internet infrastructure, Web 3.0, and AR/VR technologies. With these ever-increasing digital advancements, cybersecurity threats and vulnerabilities are also being exploited daily. In recent times, another critical vulnerability “Log4jshell” is identified in the logging tool Log4j. The ubiquity of this logging tool among many worldwide online services has exposed millions of devices to this vulnerability. In order to address this critical issue, the paper presents a framework for improving system security against Log4j attacks. The proposed framework deploys an in-house honeypot to detect and defend against various types of Log4j payloads. Experimental results prove the efficiency and accuracy of Log4j payload detection with an average execution time of 80.104 milliseconds for all utilized HTTP methods. In addition, the paper describes Log4shell vulnerabilities, webhooks, and provides a comparative assessment with previously proposed solutions.