Data Collection and Data Analysis in Honeypots and Honeynets
نویسنده
چکیده
Honeypots and honeynets are unconventional security tools to study techniques, methods, tools, and goals of attackers. Therefore, data analysis is an important part of honeypots and honeynets. In paper we focus on analysis of data collected from different honeypots and honeynets. We discuss framework to analyse honeypots’ and honeynets’ data. Also, we outline a secure way to transfer collected data from honeypots to the analysis itself. At last, we propose a framework for analysis of attack based on data collected by honeypots and honeynets.
منابع مشابه
Honeypots and honeynets: issues of privacy
Honeypots and honeynets are popular tools in the area of network security and network forensics. The deployment and usage of these tools are influenced by a number of technical and legal issues, which need to be carefully considered. In this paper, we outline the privacy issues of honeypots and honeynets with respect to their technical aspects. The paper discusses the legal framework of privacy...
متن کاملHIDEF: a Data Exchange Format for Information Collected in Honeypots and Honeynets
The deployment of honeypots is one of the methods used to collect data about attack trends in computer networks. The lack of a standard format for data representation makes the exchange and centralization of data generated by different technologies difficult. This also restricts the correlation and analysis of this information. This paper presents the HIDEF (Honeypots Information and Data Excha...
متن کاملVulnerability Assessment using Honeypots
Honeypots are electronic bait, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Because of the wealth of data c...
متن کاملDarkNOC: Dashboard for Honeypot Management
Protecting computer and information systems from security attacks is becoming an increasingly important task for system administrators. Honeypots are a technology often used to detect attacks and collect information about techniques and targets (e.g., services, ports, operating systems) of attacks. However, managing a large and complex network of honeypots becomes a challenge given the amount o...
متن کاملMeasuring Security Threats with Honeypot Technology
Honeypots are electronic baits, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked and compromised. Honeypots run special software which permanently collects data about the system behavior and greatly aids in post-incident computer and network forensics. Several honeypots can be assembled into networks of honeypots called honeynets. Through the wealth of...
متن کامل