摘要: Honeypots are information system resources, whose value lies in unauthorized or illicit use of these resources. In this paper, we present a project that has established world-wide distributed sensor honeypots. Within system, each platform the same configuration, thus allowing us to compare collected data platform. And since all platforms send logging central database, enables correlate and draw conclusions from it. Besides presenting project, show how can be used learn more about attack patterns. addition, illustrate root-causes attacks, i.e., specific tools techniques by attackers.
doctoremote.co.uk 参考文章(11)
Robert Stone, Dug Song, Rob Malan, A Snapshot of Global Internet Worm Activity ,(2001)
Niels Provos, A virtual honeypot framework usenix security symposium. pp. 1- 1 ,(2004)
Michael Bailey, Evan Cooke, Farnam Jahanian, Jose Nazario, David Watson, None, The Internet Motion Sensor - A Distributed Blackhole Monitoring System. network and distributed system security symposium. ,(2005)
Geoffrey M. Voelker, Stefan Savage, David Moore, Inferring internet denial-of-service activity usenix security symposium. pp. 2- 2 ,(2001)
Vinod Yegneswaran, Paul Barford, Somesh Jha, Global Intrusion Detection in the DOMINO Overlay System. network and distributed system security symposium. ,(2004)
Fabien Pouget, Marc Dacier, Honeypot-based forensics ,(2004)
M. Dornseif, F. C. Gärtner, T. Holz, Vulnerability Assessment using Honeypots Praxis Der Informationsverarbeitung Und Kommunikation. ,vol. 27, pp. 195- 201 ,(2004) , 10.1515/PIKO.2004.195
Evan Cooke, Michael Bailey, Z Morley Mao, David Watson, Farnam Jahanian, Danny McPherson, None, Toward understanding distributed blackhole placement workshop on rapid malcode. pp. 54- 64 ,(2004) , 10.1145/1029618.1029627
Fabien Pouget, Thorsten Holz, A pointillist approach for comparing honeypots international conference on detection of intrusions and malware and vulnerability assessment. pp. 51- 68 ,(2005) , 10.1007/11506881_4
Vishal Malik, Distributed intrusion detection system ,(2002)