Shedding Light on the Configuration of Dark Addresses.
作者: Sushant Sinha , Michael Bailey , Farnam Jahanian , None
DOI:
关键词:
摘要: A popular approach to detecting and characterizing threats such as worms botnets involves the use of sacrificial host collections called honeynets. These are explicitly deployed be scanned, compromised, used in attacks. Unfortunately, existing approaches deploying honeynets largely ignore problem configuring operating systems applications on individual hosts, leaving user configure them a manual often ad hoc fashion. In this paper, we demonstrate that configurations inadequate–they misrepresent security landscape networks they trying protect relatively easy for attackers discover. We show manually building with good visibility resistance discovery is hard, each network has its own unique threat vulnerability spaces, potential number hosts honeynet quite large. Therefore, need automated assist administrators configurations. argue individually consistent proportional representation will achieve two desired goals into attacks discovery. develop an technique based profiling random sampling generate these Through experimental evaluation deployment generated by our technique, significantly more higher than current methods.
ndss-symposium.org
isoc.org参考文章(17)
Evan Cooke, Michael Bailey, Farnam Jahanian, Richard Mortier, None, The dark oracle: perspective-aware unused and unreachable address discovery networked systems design and implementation. pp. 8- 8 ,(2006)
Timothy Battles, Danny McPherson, Evan Cooke, Michael Bailey, Tracking Global Threats with the Internet Motion Sensor ,(2004)
Xuxian Jiang, Dongyan Xu, Collapsar: a VM-based architecture for network attack detention center usenix security symposium. pp. 2- 2 ,(2004)
William G. Cochran, Sampling Techniques, 3Rd Edition ,(1963)
Moheeb Abu Rajab, Fabian Monrose, Andreas Terzis, Fast and Evasive Attacks: Highlighting the Challenges Ahead Lecture Notes in Computer Science. pp. 206- 225 ,(2006) , 10.1007/11856214_11
Niels Provos, A virtual honeypot framework usenix security symposium. pp. 1- 1 ,(2004)
L. Spitzner, Honeypots: Tracking Hackers ,(2002)
Mary Vernon, Jason Franklin, John Bethencourt, Mapping internet sensors with probe response attacks usenix security symposium. pp. 13- 13 ,(2005)
Vinod Yegneswaran, Paul Barford, Dave Plonka, On the Design and Use of Internet Sinks for Network Abuse Monitoring recent advances in intrusion detection. pp. 146- 165 ,(2004) , 10.1007/978-3-540-30143-1_8
David Dagon, Xinzhou Qin, Guofei Gu, Wenke Lee, Julian Grizzard, John Levine, Henry Owen, HoneyStat: Local Worm Detection Using Honeypots recent advances in intrusion detection. pp. 39- 58 ,(2004) , 10.1007/978-3-540-30143-1_3