Dornseif, MaximillianHolz, ThorstenMüller, SvenKnop, Jan VonHaverkamp, WilhelmJessen, Eike2019-10-112019-10-1120053-88579-402-0https://dl.gi.de/handle/20.500.12116/28613To learn more about attack patterns and attacker behavior, the concept of electronic decoys - usually network resources (computers, routers, or switches) deployed to be probed, attacked, and compromised – is currently en vogue in the area of IT security under the name honeypots. These electronic baits claim to lure in attackers and help in assessment of vulnerabilities. We give a basic introduction into honeypot concepts and present exemplary honeypot-based research in the area of phishing. Because honeypots are more and more deployed within computer networks, malicious attackers start to devise techniques to detect and circumvent these security tools. In the second part of this paper we focus on limitations of current honeypotbased methodologies. We show how an attacker typically proceeds when attacking this kind of systems and present diverse tools and methods of deception and counter deception.enHoneypots and limitations of deceptionText/Conference Paper1617-5468