Practical Challenges in Building Fake Services with the Record and Play approach

One way to learn more about how a malicious program functions
and what its objectives are is to deceive it with fake
services that provide responses containing fabricated data.
We can try to achieve this goal with so called record and
play -honeypot that learns what the normal communication
between clients and a server looks like and then tries to
mimic it, but fabricates the contents of the responses so that
they contain fake data. This paper outlines and presents
the challenges faced in practical development of such honeypot.
Some solutions and recommendations that mitigate
the identified problems are also considered.