Hyhoneydv6: A hybrid Honeypot Architecture for IPv6 Networks
نویسندگان
چکیده
This paper presents a new hybrid honeypot archi-tecture which focuses on the coverage of large IPv6 address spaces. Results from a 15-months darknet experiment verify that attackers and researchers utilise various approaches to scan wide and unforeseeable IPv6 address ranges which cannot be managed with current honeypot solutions. The huge IPv6 address space not only makes it hard for attackers to find target hosts, it also makes it difficult for a honeypot to get found by an attacker. We solve this challenge through the use of dynamically configured high-interaction honeypots that can cover large chunks of the IPv6 address space. A new proxy mechanism is used to transparently handover and forward traffic from low-to highinteraction honeypots on demand to provide the best possible service granularity. Measurements with our prototype implementation show that the proposed approach performs well on off-the-shelf hardware and has low maintenance costs.
منابع مشابه
Honeypot architectures for IPv6 networks
The decrease of available IPv4 addresses and the requirement for new features demands Internet service providers to deploy IPv6 networks. It is not a question of if, but when new network attacks will appear, which target the comparatively new network protocol. Virtual honeypots provide an important tool for the observation of assaults in computer networks. In contrast to intrusion detection sys...
متن کاملAn Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation
Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks. A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’...
متن کاملAdvanced Honeypot Architecture for Network Threats
Title of Document: Advanced Honeypot Architecture for Network Threats Quantification Robin Berthier, Ph.D., 2009 Directed By: Associate Professor Michel Cukier, Reliability Engineering Program Today's world is increasingly relying on computer networks. The increase in the use of network resources is followed by a rising volume of security problems. New threats and vulnerabilities are discovered...
متن کاملHoneymaze: a Hybrid Intrusion Detection System
In this paper we discussed, a hybrid intrusion detection system using honey pot. Hybrid honeypot is the combination of low and high interaction honeypots. It helps in detecting intrusion attacking on the system. For this, I have proposed the hybrid model of hybrid honeypot. Low interaction honeypot provide enough interaction to attackers to allow honeypot to detect interesting attacks. It also ...
متن کاملA Hybrid Honeypot Architecture for Scalable Network Monitoring
To provide scalable, early warning and analysis of new Internet threats like worms or automated attacks, we propose a globally distributed, hybrid monitoring architecture that can capture and analyze new vulnerabilities and exploits as they occur. To achieve this, our architectures increases the exposure of high-interaction honeypots to these threats by employing low-interaction honeypots as fr...
متن کامل