About: Flow-based Monitoring of Honeypots

An Entity of Type : http://linked.opendata.cz/ontology/domain/vavai/Vysledek, within Data Space : linked.opendata.cz associated with source document(s)

Attributes   Values
rdf:type
Description
  • Honeypots are known as effective tools for discovering new attacks and for observing the activity of attackers. However, they are often seen as research-oriented tools for security professionals that require constant supervision. We have created an incident detection system based on a combination of honeypots and flow-based monitoring that takes the best of both without additional complexity. In this paper we present the deployment of both low-interaction and high-interaction honeypots and their monitoring based on network flows. We show how honeypots can be used as an automatic detection tool in the production network. We present a plug-in called honeyscan for the widely used NetFlow collector NfSen that was developed to monitor and evaluate the network activity of the honeypot and to report security incidents. This plug-in processes traffic destined to honeypots, stores credentials from authentication attempts, and observes the attacker's activity in the protected network. (en)
Title
  • Flow-based Monitoring of Honeypots
skos:prefLabel
  • Flow-based Monitoring of Honeypots
skos:notation
  • RIV/00216224:14610/13:00065721!RIV14-MV0-14610___
http://linked.open...avai/predkladatel
http://linked.open...avai/riv/aktivita
http://linked.open...avai/riv/aktivity
  • P(VG20132015103)
http://linked.open...vai/riv/dodaniDat
http://linked.open...aciTvurceVysledku
http://linked.open.../riv/druhVysledku
http://linked.open...iv/duvernostUdaju
http://linked.open...titaPredkladatele
http://linked.open...dnocenehoVysledku
  • 75328
http://linked.open...ai/riv/idVysledku
  • RIV/00216224:14610/13:00065721
http://linked.open...riv/jazykVysledku
http://linked.open.../riv/klicovaSlova
  • honeypot; monitoring; NetFlow; NfSen; dictionary attack (en)
http://linked.open.../riv/klicoveSlovo
http://linked.open...ontrolniKodProRIV
  • [0BCD62F38638]
http://linked.open...v/mistoKonaniAkce
  • Brno
http://linked.open...i/riv/mistoVydani
  • Brno
http://linked.open...i/riv/nazevZdroje
  • Security and Protection of Information 2013
http://linked.open...in/vavai/riv/obor
http://linked.open...ichTvurcuVysledku
http://linked.open...cetTvurcuVysledku
http://linked.open...vavai/riv/projekt
http://linked.open...UplatneniVysledku
http://linked.open...iv/tvurceVysledku
  • Drašar, Martin
  • Husák, Martin
http://linked.open...vavai/riv/typAkce
http://linked.open.../riv/zahajeniAkce
number of pages
http://purl.org/ne...btex#hasPublisher
  • Univerzita obrany
https://schema.org/isbn
  • 9788072319220
http://localhost/t...ganizacniJednotka
  • 14610