An Implementation of a Malware Collection and Data Sharing System Based on Honeypot
نویسندگان
چکیده
In order to detect threats from the Internet and to reduce the detection cost, this system helps network administrators to analyze the malware information easily and effectively. In this study, we have set up a platform with the honeypot system and have solved several problems including sharing resources and distributing honeypot system module at the same time. This platform was set for researchers and shared the information for the further research. This specific system consisted of the Nepenthes, p0f and ClamAV, which is from the honeypot system, the passive detection and the Antivirus tools. On our platform, users would conduct and analyze the collected exploit information by the interface, and users would find the sources of malware attacks and reconfirm the source of client if it was invaded.
منابع مشابه
Nepenthes Honeypots based Botnet Detection
Thenumbers of the botnet attacks areincreasing day by day and the detection of botnet spreading in the network has become very challenging. Bots are having specific characteristics incomparison of normal malware as they are controlled by the remote master server and usually don’t show their behavior like normal malware until they don’t receive any command from their master server. Most of time ...
متن کاملImplementation of Network Forensics Based on Honeypot
For years, numbers of researches had addressed the serious matters of network attacks, and developed various technologies such as firewalls and intrusion detection systems to prevent the malware attacking. Currently, technologies lack any investigative features because of the network information gathering is too difficult. In this study, we designed a network forensics system, which contented h...
متن کاملThe Nepenthes Platform: An Efficient Approach to Collect Malware
Up to now, there is little empirically backed quantitative and qualitative knowledge about self-replicating malware publicly available. This hampers research in these topics because many counter-strategies against malware, e.g., networkand host-based intrusion detection systems, need hard empirical data to take full effect. We present the nepenthes platform, a framework for large-scale collecti...
متن کاملNomadic Honeypots: A Novel Concept for Smartphone Honeypots
Intelligence on mobile threats is a valuable asset. Honeypots showed to provide a good resource to gain threat intelligence in other areas. Unfortunately, current malware largely relies on social engineering to infect smartphones. Recently, attacks against smartphones have shifted towards local communication interfaces. These trends make traditional honeypot concepts unsuitable. We propose a no...
متن کاملpeHash: A Novel Approach to Fast Malware Clustering
Data collection is not a big issue anymore with available honeypot software and setups. However malware collections gathered from these honeypot systems often suffer from massive sample counts, data analysis systems like sandboxes cannot cope with. Sophisticated self-modifying malware is able to generate new polymorphic instances of itself with different message digest sums for each infection a...
متن کامل