Other formats:
BibTeX
LaTeX
RIS
@misc{18104, author = {Husák, Martin and Vykopal, Jan}, keywords = {honeypot;network monitoring;security}, language = {eng}, title = {POSTER: Dragging Attackers to Honeypots for Effective Analysis of Cybernetic Threats}, url = {http://www.aims-conference.org/2014/POSTER-Dragging_Attackers_to_Honeypots_for_Effective_Analysis_of_Cyber_Threats_A0.pdf}, year = {2014} }
TY - GEN ID - 18104 AU - Husák, Martin - Vykopal, Jan PY - 2014 TI - POSTER: Dragging Attackers to Honeypots for Effective Analysis of Cybernetic Threats KW - honeypot;network monitoring;security UR - http://www.aims-conference.org/2014/POSTER-Dragging_Attackers_to_Honeypots_for_Effective_Analysis_of_Cyber_Threats_A0.pdf N2 - With the rising number of cyber threats in communication networks, there is a demand for attack analysis and the identification of new threats. Honeypots, tools for attack analysis and zero-day exploit discovery, are passive in waiting for an attacker. This paper proposes a novel approach to the effective utilization of honeypots based on cooperation between honeypots and the network in which they are deployed. We propose a framework for recognition of attacks in their early phase and dragging the network traffic to a honeypot before the attack causes any harm. We use flow-based network monitoring to detect initial phases of the attacks and propose prediction of the later phases of the attack. Malicious network traffic will be redirected to a honeypot for further analysis using a concept of a network funnel. ER -
HUSÁK, Martin and Jan VYKOPAL. \textit{POSTER: Dragging Attackers to Honeypots for Effective Analysis of Cybernetic Threats}. 2014.
|