Study and implementation of attacker detection system by extending honeyd
Material type:
TextSubject(s): Dissertation note: Master of Science in Computer Science and Information security 2013-2015 EXT "Mirox Cyber Security & Technology" Summary: Honeypots are closely monitored network decoys serving several purposes: they can distract adversaries from more valuable machines on a network, they can provide early warning about new attack and exploitation trends and they allow in-depth examination of adversaries during and after exploitation of a honeypot. Deploying physical honeypot is often time intensive and expensive as different operating systems require specialized hardware and every honeypot requires its own physical system. This paper presents Honeyd, a framework for virtual honeypot that simulates virtual computer systems at the network level. The simulated computer systems appear to run on unallocated network addresses. To fool network fingerprinting tools, Honeyd simulates the networking stack of different operating systems and can provide arbitrary services for an arbitrary number of virtual systems. Furthermore, the system supports virtual routing topologies that allow the creation of large virtual networks including characteristics like latency and packet loss. We discuss Honeyd’s design and implementation.
| Item type | Current library | Call number | Status | Date due | Barcode | |
|---|---|---|---|---|---|---|
Project Reports
|
Kerala University of Digital Sciences, Innovation and Technology Knowledge Centre | Not for loan | R-923 | |||
|
Project Reports
|
Kerala University of Digital Sciences, Innovation and Technology Knowledge Centre | Not for loan | R-703 |
Master of Science in Computer Science and Information security 2013-2015 EXT K Pradeep Kumar Vivek "Mirox Cyber Security & Technology"
Honeypots are closely monitored network decoys serving several purposes: they can distract adversaries from more valuable machines on a network, they can provide early warning about new attack and exploitation trends and they allow in-depth examination of adversaries during and after exploitation of a honeypot. Deploying physical honeypot is often time intensive and expensive as different operating systems require specialized hardware and every honeypot requires its own physical system. This paper presents Honeyd, a framework for virtual honeypot that simulates virtual computer systems at the network level. The simulated computer systems appear to run on unallocated network addresses. To fool network fingerprinting tools, Honeyd simulates the networking stack of different operating systems and can provide arbitrary services for an arbitrary number of virtual systems. Furthermore, the system supports virtual routing topologies that allow the creation of large virtual networks including characteristics like latency and packet loss. We discuss Honeyd’s design and implementation.
There are no comments on this title.