Data Mining in Long-Term Honeypot Data

Authors: Daniel Fraunholz, Marc Zimmermann, Alexander Hafner, Hans D. Schotten

DOI: 10.1109/ICDMW.2017.92

Abstract: Criminal activity in the Internet is becoming more sophisticated. Traditional information security techniques hardly cope with recent trends. Honeypots proved to be a valuable source of threat intelligence. In this work several honeypots are combined into a Honeynet and observed exploitation attempts. The Honeynet consists of six honeypots and was operated for 222 days. 12 million exploitation attempts were captured. The captured data is examined and evaluated. Several hypotheses are proposed and analyzed. Dependencies and distribution within the data are identified and quantified. Investigated features are: Temporal and spatial distribution, attacked protocols, involved autonomous systems and employed dictionaries.

References (21)
Mohammed H. Almeshekah, Eugene H. Spafford. Planning and Integrating Deception into Computer Security Defenses. New Security Paradigms Workshop, pp. 127-138 (2014). DOI: 10.1145/2683467.2683482
C. Leita, V.H. Pham, O. Thonnard, E. Ramirez-Silva, F. Pouget, E. Kirda, M. Dacier. The Leurre.com Project: Collecting Internet Threats Information Using a Worldwide Distributed Honeynet. 2008 WOMBAT Workshop on Information Security Threats Data Collection and Sharing, pp. 40-57 (2008). DOI: 10.1109/WISTDCS.2008.8
Van-Hau Pham, Marc Dacier. Honeypot trace forensics: The observation viewpoint matters. Future Generation Computer Systems, vol. 27, pp. 539-546 (2011). DOI: 10.1016/J.FUTURE.2010.06.004
Zhenxin Zhan, Maochao Xu, Shouhuai Xu. Characterizing Honeypot-Captured Cyber Attacks: Statistical Framework and Case Study. IEEE Transactions on Information Forensics and Security, vol. 8, pp. 1775-1789 (2013). DOI: 10.1109/TIFS.2013.2279800
Gabriel Salles-Loustau, Robin Berthier, Etienne Collange, Bertrand Sobesto, Michel Cukier. Characterizing Attackers and Attacks: An Empirical Study. Pacific Rim International Symposium on Dependable Computing, pp. 174-183 (2011). DOI: 10.1109/PRDC.2011.29
Robin Berthier, Jorge Arjona, Michel Cukier. Analyzing the process of installing rogue software. Dependable Systems and Networks, pp. 560-565 (2009). DOI: 10.1109/DSN.2009.5270293
Daniel Ramsbrock, Robin Berthier, Michel Cukier. Profiling Attacker Behavior Following SSH Compromises. Dependable Systems and Networks, pp. 119-124 (2007). DOI: 10.1109/DSN.2007.76
Olivier Thonnard, Marc Dacier. A framework for attack patterns' discovery in honeynet data. Digital Forensic Research Workshop, vol. 5 (2008). DOI: 10.1016/J.DIIN.2008.05.012
Michał Buda, Ilona Bluemke. Data Mining Algorithms in the Analysis of Security Logs from a Honeypot System. Dependability Engineering and Complex Systems, pp. 63-73 (2016). DOI: 10.1007/978-3-319-39639-2_6
Matthias Wählisch, Thomas C. Schmidt, Christian Keil, Jochen Schönfelder, Marcin Nawrocki. A Survey on Honeypot Software and Data Analysis. arXiv: Cryptography and Security (2016).