Analysis of Client Honeypots
نویسنده
چکیده
With the growing popularity of Internet, security has become one of the most important concerns. Honeypot is a security resource whose value lies in being probed or attacked. It can be used to wave off the security issues arising nowadays. Also one can obtain a considerable amount of information about the attacker and his attacking methodologies. This paper includes brief discussion about different types of honeypot technology based on the site of the attack namely client honeypots and server honeypots. The server honeypots enable us to understand the server side attacks whereas client honeypots enable us understand the client side attacks. During the research on honeypot technologies, main focus was on the analysis of Client honeypots as they considerably are more vulnerable to the attacks. We will be discussing different types of attacks on client honeypots and different approach to detect and tackle them. Keywords—honeypot, client honeypot, 0day attacks, detection, obfuscation, effectiveness, integration
منابع مشابه
Efficient Detection of Malicious Web Pages Using High-Interaction Client Honeypots
Drive-by-download attacks are client-side attacks that originate from web servers clients visit. High-interaction client honeypots identify malicious web pages by directly visiting the web pages and are very useful. However, they still have shortcomings that must be addressed: long inspection time and possibility of not detecting certain attacks such as time bombs. To address these problems, we...
متن کاملPhoneyC: A Virtual Client Honeypot
The number of client-side attacks has grown significantly in the past few years, shifting focus away from defendable positions to a broad, poorly defended space filled with vulnerable clients. Just as honeypots enabled deep research into server-side attacks, honeyclients can permit the deep study of client-side attacks. A complement to honeypots, a honeyclient is a tool designed to mimic the be...
متن کاملEmpirical analysis and statistical modeling of attack processes based on honeypots
Honeypots are more and more used to collect data on malicious activities on the Internet and to better understand the strategies and techniques used by attackers to compromise target systems. Analysis and modeling methodologies are needed to support the characterization of attack processes based on the data collected from the honeypots. This paper presents some empirical analyses based on the d...
متن کاملTime-Traveling Forensic Analysis of VM-Based High-Interaction Honeypots
Honeypots have proven to be an effective tool to capture computer intrusions (or malware infections) and analyze their exploitation techniques. However, forensic analysis of compromised honeypots is largely an ad-hoc and manual process. In this paper, we propose Timescope, a system that applies and extends recent advances in deterministic record and replay to high-interaction honeypots for exte...
متن کاملDesign and Implementation of Linux Based Hybrid Client Honeypot Incorporating Multi Layer Detection
In current global internet cyber space, the number of targeted client side attacks are increasing that lead users to adversaries' web sites and exploit web browser vulnerabilities is increasing, therefore there is requirement of strong mechanisms to fight against these kinds of attacks. In this paper, we present the design and implementation of a client honeypot which incorporate the functional...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014