Efficient Deployment of Honeynets for Statistical and Forensic Analysis of Attacks from the Internet

Efficient Deployment of Honeynets for Statistical and Forensic Analysis of Attacks from the Internet

The use of honeynets as a means to detect and observe attacks originating from the Internet as well as to allow forensic analysis is a technique that has received increasing attention in the research community. However, it has not yet been investigated how effective honeynets are and to what extent...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Riebach, Stephan, Rathgeb, Erwin P., Toedtmann, Birger
Format: Buchkapitel
Sprache:eng
Schlagworte:
Applied sciences
Computer science
control theory
systems
Computer systems and distributed systems. User interface
Exact sciences and technology
Forensics
Honeynets
Honeypots
Security
Software
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The use of honeynets as a means to detect and observe attacks originating from the Internet as well as to allow forensic analysis is a technique that has received increasing attention in the research community. However, it has not yet been investigated how effective honeynets are and to what extent their efficiency can be actively improved. Therefore, after a short introduction to the honeynet concept and its implementation options, a case study will be presented providing some insight into this issue. For this case study, a honeynet has been implemented and a multilevel escalation strategy has been defined and employed to clarify to what extent the detected attacks represent just the “average” level of malware activity and to what extent honeynet owners can actively attract attacks or even influence specific types of attacks.
ISSN:0302-9743
1611-3349
DOI:10.1007/11422778_61