Strengthening MT6D Defenses with LXC-Based Honeypot Capabilities
作者: Dileep Basam , J Scot Ransbottom , Randy Marchany , Joseph G Tront , None
DOI: 10.1155/2016/5212314
关键词:
摘要: Moving Target IPv6 Defense MT6D imparts radio-frequency hopping behavior to networks by having participating nodes periodically hop onto new addresses while giving up old addresses. Our previous research efforts implemented a solution identify and acquire these that are being discarded hosts on local network besides able monitor visualize the incoming traffic This was essentially equivalent forming darknet out of addresses, but presented in effort did not include database integration for it scale be extended. paper presents with architecture only extends terms automation also demonstrates ability deploy honeypot virtual LXC Linux Container on-demand based any interesting pattern observed address. The proposed allows an host query activity its relinquished as JavaScript Object Notation JSON object. suspicious strengthen scheme parameters accordingly. We have built proof-of-concept analyzed solution’s feasibility scalability.
hindawi.com
acm.org
core.ac.uk参考文章(9)
Matthew Dunlop, Stephen Groat, William Urbanski, Randy Marchany, Joseph Tront, None, MT6D: A Moving Target IPv6 Defense military communications conference. pp. 1321- 1326 ,(2011) , 10.1109/MILCOM.2011.6127486
Dileep Basam, Randy Marchany, Joseph G Tront, None, Attention: moving target defense networks, how well are you moving? computing frontiers. pp. 54- ,(2015) , 10.1145/2742854.2744721
Matthew Dunlop, Stephen Groat, William Urbanski, Randy Marchany, Joseph Tront, None, The Blind Man's Bluff Approach to Security Using IPv6 ieee symposium on security and privacy. ,vol. 10, pp. 35- 43 ,(2012) , 10.1109/MSP.2012.28
Christopher Morrell, Reese Moore, Randy Marchany, Joseph G Tront, None, DHT Blind Rendezvous for Session Establishment in Network Layer Moving Target Defenses Proceedings of the Second ACM Workshop on Moving Target Defense. pp. 77- 84 ,(2015) , 10.1145/2808475.2808477
Kazuya Kishimoto, Kenji Ohira, Yukiko Yamaguchi, Hirofumi Yamaki, Hiroki Takakura, An Adaptive Honeypot System to Capture IPv6 Address Scans Cybersecurity. pp. 165- 172 ,(2012) , 10.1109/CYBERSECURITY.2012.28
Christopher Morrell, J Scot Ransbottom, Randy Marchany, Joseph G Tront, None, Scaling IPv6 address bindings in support of a moving target defense international conference for internet technology and secured transactions. pp. 440- 445 ,(2014) , 10.1109/ICITST.2014.7038852
L. Spitzner, Honeypots: catching the insider threat annual computer security applications conference. pp. 170- 179 ,(2003) , 10.1109/CSAC.2003.1254322
H. Artail, I. Kuwatly, M. Sraj, Z. Al Masri, A dynamic honeypot design for intrusion detection international conference on pervasive services. pp. 95- 104 ,(2004) , 10.1109/ICPS.2004.3
Jeff Hieb, Anomaly based intrusion detection for network monitoring using a dynamic honeypot. University of Louisville. ,(2004) , 10.18297/ETD/616