On the Detection and Handling of Security Incidents and Perimeter Breaches - A Modular and Flexible Honeytoken based Framework

Authors: Daniel Fraunholz, Daniel Krohmer, Frederic Pohl, Hans Dieter Schotten

DOI: 10.1109/NTMS.2018.8328709

Abstract: Information security is a fast-changing domain. Traditional mechanisms such as firewalls and access control are circumvented regularly. The amount of significant incidents grows each year. Deception systems are a perfect match to support perimeter-based technologies in intrusion detection, data breach identification and leakage prevention. In this work, a framework is proposed for generating, deploying, monitoring and maintaining honeytokens on a host system. It is easily extendable and flexible in its use. The authors also describe a prototype implementation for four different types of tokens and thereby address typical issues when operating honeytokens.
