This HTML5 document contains 44 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

PrefixIRI
n19http://linked.opendata.cz/ontology/domain/vavai/riv/typAkce/
dctermshttp://purl.org/dc/terms/
n22http://purl.org/net/nknouf/ns/bibtex#
n16http://localhost/temp/predkladatel/
n15http://linked.opendata.cz/resource/domain/vavai/vysledek/RIV%2F00216224%3A14610%2F13%3A00065721%21RIV14-MV0-14610___/
n18http://linked.opendata.cz/resource/domain/vavai/projekt/
n9http://linked.opendata.cz/resource/domain/vavai/riv/tvurce/
n10http://linked.opendata.cz/resource/domain/vavai/subjekt/
n8http://linked.opendata.cz/ontology/domain/vavai/
n12https://schema.org/
shttp://schema.org/
skoshttp://www.w3.org/2004/02/skos/core#
n3http://linked.opendata.cz/ontology/domain/vavai/riv/
n2http://linked.opendata.cz/resource/domain/vavai/vysledek/
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
n4http://linked.opendata.cz/ontology/domain/vavai/riv/klicoveSlovo/
n17http://linked.opendata.cz/ontology/domain/vavai/riv/duvernostUdaju/
xsdhhttp://www.w3.org/2001/XMLSchema#
n20http://linked.opendata.cz/ontology/domain/vavai/riv/aktivita/
n7http://linked.opendata.cz/ontology/domain/vavai/riv/jazykVysledku/
n13http://linked.opendata.cz/ontology/domain/vavai/riv/obor/
n6http://linked.opendata.cz/ontology/domain/vavai/riv/druhVysledku/
n14http://reference.data.gov.uk/id/gregorian-year/

Statements

Subject Item
n2:RIV%2F00216224%3A14610%2F13%3A00065721%21RIV14-MV0-14610___
rdf:type
n8:Vysledek skos:Concept
dcterms:description
Honeypots are known as an effective tools for discovering new attacks and for observing activity of the attackers. However, they are often seen as a research-oriented tools for security professionals that require constant supervision. We have created an incident detection system based on a combination of honeypots and flow-based monitoring that takes the best of both without additional complexity. In this paper we present deployment of both low-interaction and high-interaction honeypots and their monitoring based on network flows. We show how honeypots can be used as an automatic detection tool in the production network. We present a plug-in called honeyscan for widely-used NetFlow collector NfSen that was developed to monitor and evaluate network activity of the honeypot and to report security incidents. This plug-in processes traffic destined to honeypots, stores credentials from authentication attempts, and observes attacker's activity in the protected network. Honeypots are known as an effective tools for discovering new attacks and for observing activity of the attackers. However, they are often seen as a research-oriented tools for security professionals that require constant supervision. We have created an incident detection system based on a combination of honeypots and flow-based monitoring that takes the best of both without additional complexity. In this paper we present deployment of both low-interaction and high-interaction honeypots and their monitoring based on network flows. We show how honeypots can be used as an automatic detection tool in the production network. We present a plug-in called honeyscan for widely-used NetFlow collector NfSen that was developed to monitor and evaluate network activity of the honeypot and to report security incidents. This plug-in processes traffic destined to honeypots, stores credentials from authentication attempts, and observes attacker's activity in the protected network.
dcterms:title
Flow-based Monitoring of Honeypots Flow-based Monitoring of Honeypots
skos:prefLabel
Flow-based Monitoring of Honeypots Flow-based Monitoring of Honeypots
skos:notation
RIV/00216224:14610/13:00065721!RIV14-MV0-14610___
n8:predkladatel
n10:orjk%3A14610
n3:aktivita
n20:P
n3:aktivity
P(VG20132015103)
n3:dodaniDat
n14:2014
n3:domaciTvurceVysledku
n9:6623697 n9:4268784
n3:druhVysledku
n6:D
n3:duvernostUdaju
n17:S
n3:entitaPredkladatele
n15:predkladatel
n3:idSjednocenehoVysledku
75328
n3:idVysledku
RIV/00216224:14610/13:00065721
n3:jazykVysledku
n7:eng
n3:klicovaSlova
honeypot; monitoring; NetFlow; NfSen; dictionary attack
n3:klicoveSlovo
n4:NetFlow n4:dictionary%20attack n4:NfSen n4:honeypot n4:monitoring
n3:kontrolniKodProRIV
[0BCD62F38638]
n3:mistoKonaniAkce
Brno
n3:mistoVydani
Brno
n3:nazevZdroje
Security and Protection of Information 2013
n3:obor
n13:IN
n3:pocetDomacichTvurcuVysledku
2
n3:pocetTvurcuVysledku
2
n3:projekt
n18:VG20132015103
n3:rokUplatneniVysledku
n14:2013
n3:tvurceVysledku
Drašar, Martin Husák, Martin
n3:typAkce
n19:WRD
n3:zahajeniAkce
2013-05-22+02:00
s:numberOfPages
8
n22:hasPublisher
Univerzita obrany
n12:isbn
9788072319220
n16:organizacniJednotka
14610