Programmable logic controllers (PLCs) are used widely to control industrial processes and communicate with the supervisory system. Until recently, industrial operators relied on the assumption that these PLCs are isolated from the online world and hence cannot be the target of attacks. Recent events, such as the infamous Stuxnet attack directed the attention of the security and control system c...

The number of client-side attacks has grown significantly in the past few years, shifting focus away from defendable positions to a broad, poorly defended space filled with vulnerable clients. Just as honeypots enabled deep research into server-side attacks, honeyclients can permit the deep study of client-side attacks. A complement to honeypots, a honeyclient is a tool designed to mimic the be...

Today, internet and web services have become an inseparable part of our lives. Hence, ensuring continuous availability of service has become imperative to the success of any organization. But these services are often hampered by constant threats from myriad types of attacks. One such attack is called distributed denial of service attack that results in issues ranging from temporary slowdown of ...

In this paper, we propose a honeypot architecture for detecting and analyzing unknown network attacks. The main focus of our approach lies in improving the “significance” of recorded events and network traffic that need to be analyzed by a human network security operator in order to identify a new attacking pattern. Our architecture aims to achieve this goal by combining three main components: ...

Both honeypots and network telescopes are extremely powerful tools to analyze malicious network activities. In this paper we evaluate these two concepts by looking at data obtained from two such sources over a common time period. Our viewpoint is biased towards a network management perspective and we will present in this paper patterns and trends in misconfigured network devices. We will show t...

Over the last few years, network based intrusions have increased rapidly, due to the increase and popularity of various attack tools easily available today. Due to this increase in intrusions, the concept of network Honeypots are being developed, which can be used to trap and decode the attack methods of the malicious attackers. This paper will review the current state of honeypot technology as...