ABSTRACT
A honeypot is a deception tool for enticing attackers to make efforts to compromise the electronic information systems of an organization. A honeypot can serve as an advanced security surveillance tool for minimizing the risks of attacks on information technology systems and networks. Honeypots are useful for providing valuable insights into potential system security loopholes. The current research investigated the effectiveness of using centralized system management technologies called Puppet and Virtual Machines in the implementation of automated honeypots for intrusion detection, correction and prevention. A centralized logging system was used to collect information on the source address, country and timestamp of intrusions by attackers. The unique contributions of this research include: a demonstration of how open source technologies are used to dynamically add or modify hacking incidences in a high-interaction honeynet system; a presentation of strategies for making honeypots more attractive so that hackers spend more time and provide hacking evidence; and an exhibition of algorithms for system and network intrusion prevention.
Index Terms
- In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention