Parallel Hybrid Honeypot and IDS Architecture to Detect Network Attacks
نویسنده
چکیده
In this paper, we have proposed a parallel IDS and honeypot based approach to detect and analyze the unknown and known attack taxonomy for improving the IDS performance and protecting the network from intruders. The main theme of our approach is to record and analyze the intruder activities by using both the low and high interaction honeypots. Our architecture aims to achieve the required goals by combing signature based IDS, honeypots and generate the new signatures. The paper describes the basic component, design and implementation of this approach and also demonstrates the effectiveness of this approach to reduce the probability of network attacks. Keywords—Network security, Intrusion detection, Honeypot, Snort, Nmap.
منابع مشابه
An Approach to for Improving the Efficiency of IDS System Using Honeypot
Increasing technology space has pressurized the orgainsational enviroment to safegraurd its network from outside as well as inside attack. Any malicious intrusion can dragdown a highly reputed organisation to the floors of defamation and even insolvency. Henceforth network security is one of the biggest challenge for organisation. Although traditional concepts of firewall and intrusion detction...
متن کامل(WHASG) Automatic SNORT Signatures Generation by using Honeypot
An Intrusion detection system (IDS) is an important network security component that is used to monitor network traffic and detect attack attempts. A signature based intrusion detection system relies on a set of predefined signatures to detect an attack. Due to “zero-day” attacks (i.e. new unknown attacks) conventional IDS will not be able to detect these new attacks until the signatures are upd...
متن کاملCloud Computing Security Using IDS-AM-Clust, Honeyd, Honeywall and Honeycomb ¬リニ
The cloud computing security has become a basic necessity. It acquires knowledge about vulnerabilities, attacks, activities of attackers and tools to secure it. This work proposes new cloud infrastructure architecture, which combines IDS based on mobile agent sand using three types of honeypots in order to detect attacks, to study the behavior of attackers, increase the added value of Honeypot ...
متن کاملHoneymaze: a Hybrid Intrusion Detection System
In this paper we discussed, a hybrid intrusion detection system using honey pot. Hybrid honeypot is the combination of low and high interaction honeypots. It helps in detecting intrusion attacking on the system. For this, I have proposed the hybrid model of hybrid honeypot. Low interaction honeypot provide enough interaction to attackers to allow honeypot to detect interesting attacks. It also ...
متن کاملA hybrid intrusion detection system design for computer network security
Intrusions detection systems (IDSs) are systems that try to detect attacks as they occur or after the attacks took place. IDSs collect network traffic information from some point on the network or computer system and then use this information to secure the network. Intrusion detection systems can be misuse-detection or anomaly detection based. Misuse-detection based IDSs can only detect known a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014