A Graph Theory Based Self-Learning Honeypot to Detect Persistent Threats
Authors
Abstract
Attacks on cyberspace have been growing exponentially in recent times. Illegal penetrations and breaches are real threats to individuals and organizations. Conventional security systems are good enough to detect known threats, but when it comes to Advanced Persistent Threats (APTs) they fail. These APTs are targeted, more sophisticated and very persistent, and incorporate a lot of evasive techniques to bypass existing defenses. Hence, there is a need for an effective defense system that can achieve complete reliance security. To address the above-mentioned issues, this paper proposes a novel honeypot that tracks the anonymous behavior of APT threats. The key idea leverages concepts of graph theory to detect such targeted attacks. The proposed honeypot is self-realizing, strategic assisted which withholds actionable observes analysis modelling. The proposed graph theory based self-learning honeypot using the results γ(C(n,1)), γc(C(n,1)), γsc(C(n,1)) outperforms traditional by detecting behavioral with detection rate 96%.
Similar resources
Anomaly Detection in Log Data using Graph Databases and Machine Learning to Defend Advanced Persistent Threats
Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16]. With our work we demonstrate a feasible and fast way to analyse real world log data to detect breaches or breach attempts. By adapting well-known kill chain mechanisms and a combine of a time series database and...
Measuring Security Threats with Honeypot Technology
Honeypots are electronic baits, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system behavior and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Through the wealth of...
Advanced Honeypot Architecture for Network Threats
Title of Document: Advanced Honeypot Architecture for Network Threats Quantification Robin Berthier, Ph.D., 2009 Directed By: Associate Professor Michel Cukier, Reliability Engineering Program Today's world is increasingly relying on computer networks. The increase in the use of network resources is followed by a rising volume of security problems. New threats and vulnerabilities are discovered...
IoTPOT: A Novel Honeypot for Revealing Current IoT Threats
We analyze the increasing threats against IoT devices. We show that Telnet-based attacks that target IoT devices have rocketed since 2014. Based on this observation, we propose an IoT honeypot and sandbox, which attracts and analyzes Telnet-based attacks against various IoT devices running on different CPU architectures such as ARM, MIPS, and PPC. By analyzing the observation results of our hon...
Journal
Journal title: Intelligent Automation and Soft Computing
Year: 2023
ISSN: 2326-005X, 1079-8587
DOI: https://doi.org/10.32604/iasc.2023.028029