A visual analytic approach for analyzing SSH honeypots
نویسنده
چکیده
An SSH honeypot can be used to study the activities of an attacker by logging the full SSH session. In this paper we present an interactive visualization system that can be used by network security experts to visually analyze large sets of SSH honeypot data. By using different visualizations and interaction techniques the expert can explore SSH sessions and quickly find related sessions which will help in identifying attackers.
منابع مشابه
A Dynamic Approach for Honeypot Management
Honeypot is a security device the value of which lies mainly in discovering and inspecting, being attacked and being at risk. Most of the present Honeypots are configured and installed on the network statically. In some cases considerations have been made on dynamic configuration of Honeypots at the time of installation but still no study have been carried out on how to instantaneously change t...
متن کاملA Dynamic Approach for Honeypot Management
Honeypot is a security device the value of which lies mainly in discovering and inspecting, being attacked and being at risk. Most of the present Honeypots are configured and installed on the network statically. In some cases considerations have been made on dynamic configuration of Honeypots at the time of installation but still no study have been carried out on how to instantaneously change t...
متن کاملHoneypots Aiding Network Forensics: Challenges and Notions
risks as attacks are increasing day after day. Network forensics is the process of investigation such attacks through analyzing network data and events. Many challenges are facing investigators due to the rapid growing of network scale and intruders’ skills. Honeypots are computer traps that are meant to be compromised to attract hackers and monitor their strategies and tools. Using honeypots p...
متن کاملVulnerability Assessment using Honeypots
Honeypots are electronic bait, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Because of the wealth of data c...
متن کاملAnalyzing the Communicative Functions in Typography (the Posters of Asma’ol Hosna in Iran) Using Jakobson’s Approach
The present study attempts to address the issue of typographic communicational methods in posters. The purpose is to investigate the visual elements in creating the communicative functions of typographies of Asma’ol Hosna’s posters based on Jakobson’s communication theory. The question is: By what visual elements are the communicative functions in typography of posters this study propounded? T...
متن کامل