Informační systém Repo
HUSÁK, Martin and Jan VYKOPAL. POSTER: Dragging Attackers to Honeypots for Effective Analysis of Cybernetic Threats. 2014.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name POSTER: Dragging Attackers to Honeypots for Effective Analysis of Cybernetic Threats
Authors HUSÁK, Martin (203 Czech Republic, guarantor, belonging to the institution) and Jan VYKOPAL (203 Czech Republic, belonging to the institution).
Edition 2014.
Other information
Original language English
Type of outcome Audiovisual works
Field of Study Informatics
Country of publisher Czech Republic
Confidentiality degree is not subject to a state or trade secret
RIV identification code RIV/00216224:14610/14:00073228
Organization Ústav výpočetní techniky - Repository
Keywords in English honeypot;network monitoring;security
Links VF20132015031, research and development project.
Changed by Changed by: RNDr. Daniel Jakubík, učo 139797. Changed: 1/9/2020 20:45.
With the rising number of cyber threats in communication networks, there is a demand for attack analysis and the identification of new threats. Honeypots, tools for attack analysis and zero-day exploit discovery, are passive in waiting for an attacker. This paper proposes a novel approach to the effective utilization of honeypots based on cooperation between honeypots and the network in which they are deployed. We propose a framework for recognition of attacks in their early phase and dragging the network traffic to a honeypot before the attack causes any harm. We use flow-based network monitoring to detect initial phases of the attacks and propose prediction of the later phases of the attack. Malicious network traffic will be redirected to a honeypot for further analysis using a concept of a network funnel.
Displayed: 25/5/2022 23:58