Implementation of Network Forensics Based on Honeypot
نویسندگان
چکیده
For years, numbers of researches had addressed the serious matters of network attacks, and developed various technologies such as firewalls and intrusion detection systems to prevent the malware attacking. Currently, technologies lack any investigative features because of the network information gathering is too difficult. In this study, we designed a network forensics system, which contented honeypot system to solve the information gathering problems in the past, and distributed the honeypot system module at the same time, and even combine with the Capture-HPC program to check out the traverse web sites in search of client-side malware. Therefore, the study result can help investigators gather the evidences about the network crimes to allow criminals to be prosecuted in court.
منابع مشابه
Design of Network Forensic System Based on Honeynet
Network forensics deals with the capturing and analysis of the trace and logs of network intrusions from the multiple systems for providing the information to characterize intrusion or features. This paper demonstrates the internal working of implementation of server honeypot technology and network forensics. Honeypot based system is used to attract the attackers so that their process methodolo...
متن کاملAvoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots
Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...
متن کاملAvoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots
Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...
متن کاملThe Honeynet Files
exploits in a honeypot is an unusual event). For the latter, we want a better understanding of the areas of interest and hidden links between blackhat teams. One way to achieve these goals is to increase the verbosity of our honeypot logs and traces so that we learn every single action the intruder made. The most common tools for doing this are Sebek (http://project.honeynet.org/tools/ sebek/) ...
متن کاملHoneypots Aiding Network Forensics: Challenges and Notions
risks as attacks are increasing day after day. Network forensics is the process of investigation such attacks through analyzing network data and events. Many challenges are facing investigators due to the rapid growing of network scale and intruders’ skills. Honeypots are computer traps that are meant to be compromised to attract hackers and monitor their strategies and tools. Using honeypots p...
متن کامل