Effect of Electronic Evidence Captured by Honeypots
نویسنده
چکیده
Honeypot technique can be used as an active evidence capture method, which is effective in complex case investigation. However, it use temptation as the first step in evidence capture, much debate is emerging which compare it with entrapment. Through analyzes the honeypot technique, this paper suggests evidences principles when using honeypot as evidence capture method.
منابع مشابه
A Method to Obtain Signatures from Honeypots Data
Building intrusion detection model in an automatic and online way is worth discussing for timely detecting new attacks. This paper gives a scheme to automatically construct snort rules based on data captured by honeypots on line. Since traffic data to honeypots represent abnormal activities, activity patterns extracted from those data can be used as attack signatures. Packets captured by honeyp...
متن کاملA Generic Toolkit for Converting Web Applications Into High-Interaction Honeypots
In this paper, we present the design and implementation of a generic toolkit for turning arbitrary PHP web applications into high interaction honeypots in an automated fashion. We demonstrate the wide applicability of this approach by applying it to four popular existing web applications. Moreover, we show the effectiveness of our system by using it to analyze 70 actual attacks including 9 comp...
متن کاملMeasuring Security Threats with Honeypot Technology
Honeypots are electronic baits, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system behavior and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Through the wealth of...
متن کاملVulnerability Assessment using Honeypots
Honeypots are electronic bait, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Because of the wealth of data c...
متن کاملHoneypots Aiding Network Forensics: Challenges and Notions
risks as attacks are increasing day after day. Network forensics is the process of investigation such attacks through analyzing network data and events. Many challenges are facing investigators due to the rapid growing of network scale and intruders’ skills. Honeypots are computer traps that are meant to be compromised to attract hackers and monitor their strategies and tools. Using honeypots p...
متن کامل