Vulnerability Assessment using Honeypots
نویسندگان
چکیده
Honeypots are electronic bait, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Because of the wealth of data collected through them, honeynets are considered a useful tool to learn more about attack patterns and attacker behavior in real networks. This paper explains the motivation for using the honeynet methodology and describes experiences with a honeynet at RWTH Aachen University. In analyzing the data collected through our experiment, we discuss the value of honeynets for computer vulnerability assessment. The paper also gives an overview over ethical and legal aspects of honeypots and a look on possible directions for further research.
منابع مشابه
If you go down to the Internet today – Deceptive Honeypots
ABSTRACT This is preliminary research into the effectiveness of deceptive defensive measures in particular honeypots that use deceit as a primary defensive and offensive mechanism. Initial research has been conducted using the Deception Tool Kit and its ability to fool commonly available network scanning tools such as Nessus and Nmap The preliminary research indicates that these deceptive tools...
متن کاملDynamic Honeypot Construction
System security personnel fight a seemingly unending battle to secure their digital assets against an ever-increasing onslaught of attacks. Honeypots provide a valuable tool to collect information about the behaviors of attackers in order to design and implement better defenses, but most current configurations are static setups consisting of either lowinteraction or high-interaction environment...
متن کاملDynamic Honeypot Construction
System security personnel fight a seemingly unending battle to secure their digital assets against an everincreasing onslaught of attacks. Honeypots provide a valuable tool to collect information about the behaviors of attackers in order to design and implement better defenses, but most current configurations are static setups consisting of either low interaction or high-interaction environment...
متن کاملAdvanced Honeypot Architecture for Network Threats
Title of Document: Advanced Honeypot Architecture for Network Threats Quantification Robin Berthier, Ph.D., 2009 Directed By: Associate Professor Michel Cukier, Reliability Engineering Program Today's world is increasingly relying on computer networks. The increase in the use of network resources is followed by a rising volume of security problems. New threats and vulnerabilities are discovered...
متن کاملM . Meier , U . Flegel , and H . König Reactive Security – Intrusion Detection , Honeypots , and Vulnerability Assessment
Michael Meier studied computer science from 1993 to 1998 at the Brandenburg University of Technology Cottbus (Germany). After his graduation he joined the Network Security group of the chair Computer Networks and Communication Systems at the Computer Science Department of the same university, where he is working as research and teaching assistant. His research interests include security aspects...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Praxis der Informationsverarbeitung und Kommunikation
دوره 27 شماره
صفحات -
تاریخ انتشار 2004