Avoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots

نویسندگان: ثبت نشده
چکیده مقاله:

Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other security systems can be used to secure DMZ. But honeypots are supplementary devices used to discover attacks and capture forensics against the attackers. The most important solution to secure the DMZ is to detect attacks against servers of this zone and void these intrusions by leading them to honeypots and capturing enough forensics against the attackers. This research work is focused on providing a solution for problem areas such as response to intrusion attempts and redirection of the intruders to honeypots. The proposed system detects malicious activities and redirects them to a decoy system to capture forensics. Honeypots are decoy systems used to interact with attackers and capture forensics from their activities. In the reported work, detection of the malicious activities is carried-out using a Network-based Intrusion Detection System (NIDS). Measuring performance of the proposed system, three important factors are implemented. These factors include accuracy, false positive rate and true positive rate. Accuracy is presented as an important factor to check the performance of the system. In our simulations, the measured accuracy is more than 99 percent. False positive rate is another important factor of this system that shows the failure rate. This parameter is measured less than 0.50 percent that shows the proposed system cannot detect all the attacks against the protected machine, but attack detection is performed using a suitable rate. The last factor of system performance is true positive rate that is measured to be 100 percent. This measurement shows that all of the legitimate traffic is directed to protected machine with proposed system.

برای دانلود باید عضویت طلایی داشته باشید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Honeypots Aiding Network Forensics: Challenges and Notions

risks as attacks are increasing day after day. Network forensics is the process of investigation such attacks through analyzing network data and events. Many challenges are facing investigators due to the rapid growing of network scale and intruders’ skills. Honeypots are computer traps that are meant to be compromised to attract hackers and monitor their strategies and tools. Using honeypots p...

متن کامل

Detecting Targeted Attacks Using Shadow Honeypots

We present Shadow Honeypots, a novel hybrid architecture that combines the best features of honeypots and anomaly detection. At a high level, we use a variety of anomaly detectors to monitor all traffic to a protected network/service. Traffic that is considered anomalous is processed by a “shadow honeypot” to determine the accuracy of the anomaly prediction. The shadow is an instance of the pro...

متن کامل

Cyber Security and the Internet of Things: Vulnerabilities,Threats, Intruders and Attacks

Internet of Things (IoT) devices are rapidly becoming ubiquitous while IoT services are becoming pervasive. Their success has not gone unnoticed and the number of threats and attacks against IoT devices and services are on the increase as well. Cyber-attacks are not new to IoT, but as IoT will be deeply interwoven in our lives and societies, it is becoming necessary to step up and take cyber de...

متن کامل

Cyber Security, Cyber Crime and Cyber Forensics - Applications and Perspectives

By reading, you can know the knowledge and things more, not only about what you get from people to people. Book will be more trusted. As this cyber security cyber crime and cyber forensics applications and perspectives, it will really give you the good idea to be successful. It is not only for you to be success in certain life you can be successful in everything. The success can be started by k...

متن کامل

DNSSEC for cyber forensics

Domain Name System (DNS) cache poisoning is a stepping stone towards advanced (cyber) attacks. DNS cache poisoning can be used to monitor users’ activities for censorship, to distribute malware and spam and to subvert correctness and availability of Internet clients and services. Currently, the DNS infrastructure relies on challengeresponse defences against attacks by (the common) off-path adve...

متن کامل

منابع من

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


عنوان ژورنال

دوره 3  شماره 1

صفحات  65- 80

تاریخ انتشار 2012-02-01

با دنبال کردن یک ژورنال هنگامی که شماره جدید این ژورنال منتشر می شود به شما از طریق ایمیل اطلاع داده می شود.

میزبانی شده توسط پلتفرم ابری doprax.com

copyright © 2015-2023