An Active Intrusion-Confronting System Using Fake Session and honeypot
نویسندگان
چکیده
In the coming age of information warfare, information security patterns need to be changed to use an active approach using offensive security mechanisms rather than the traditional passive approach in merely protecting against intrusions. In an active security environment, it is essential that, when detecting an intrusion, it is immediately confronted with methods such as analysing the intrusion situation in real-time, protecting information from the attacks, and even tracing the intruder. This paper presents an active intrusion-confronting system using a fake session and a honeypot. Through the fake session, attacks like DoS(Denial of Service) and port scan can be intercepted. By monitoring a honeypot system, in which the intruders are migrated from the protected system and an intrusion rule manager is activated, new intrusion rules are created and activated for confronting the next intrusions.
منابع مشابه
A Review on Honeypot as an Intrusion Detection System for Wireless Network
Honeypots are decoy computer resources set up for the purpose of monitoring and logging the activities of entities that probe, attack or compromise them. Honeypot does work as an Intrusion Detection System which detect the attacker in a network. Activities on honeypots can be considered suspicious by definition, as there is no point for users to interact with these systems. In this paper, we pr...
متن کاملA Dynamic Honeypot Design for Intrusion Detection
A modern technology in the area of intrusion detection is honeypot technology that unlike common IDSs tends to provide the attacker with all the necessary resources needed for a successful attack. Honeypots provide a platform for studying the methods and tools used by the intruders (blackhatcommunity), thus deriving their value from the unauthorized use of their resources. This paper discusses ...
متن کاملIntrusion Detection System Using Shadow Honeypot
The immense advancement in attacks against network give rise to interest in more contentious forms of defense to supplement the existing security approaches. Honeypots are physical or virtual machines successfully used as Intrusion detection tool to detect threats. In this paper we proposed a shadow honeypot based intrusion detection system. Shadow honeypot is used to collect the intrusion from...
متن کاملBandits for Cybersecurity: Adaptive Intrusion Detection Using Honeypots
Intrusion detection is a fundamental problem in network security, and honeypots are one method for actively detecting malicious activity by using deception to fool attackers into interacting with fake hosts or services. We consider the problem of how to strategically select which configurations of honeypots to use to maximize the detection capability in a network. This problem is complicated by...
متن کاملSecuring Wmn Using Hybrid Honeypot System
Wireless Mesh Network (WMN) has been a field of active research in the recent years. Lot of research has focused various routing mechanism but very little effort has been made towards attack detection or intrusion detection. In this paper, we propose an attack detection approach for wireless mesh network using Honeypot technique. A Honeypot is a security resource whose value lies in being probe...
متن کامل