PL EN


Preferencje help
Widoczny [Schowaj] Abstrakt
Liczba wyników
Tytuł artykułu

HoneyPot systems in practice

Wybrane pełne teksty z tego czasopisma
Identyfikatory
Warianty tytułu
PL
Systemy HoneyPot w praktyce
Języki publikacji
EN
Abstrakty
EN
The paper presents the HoneyPot technology as well as the experience gained from their usage in the network of the Institute of Computer Science Warsaw University of Technology. On this background the concept of HoneyPot systems is presented and discussed. The paper is illustrated with the real-life cases of some recent vulnerabilities observed on our HoneyPots.
PL
Praca przedstawia technologię systemów HoneyPot oraz doświadczenia zebrane z ich użycia w sieci Instytutu Informatyki Politechniki Warszawskiej. Na tym tle zaprezentowano i omówiono koncepcję systemów HoneyPot oraz prawdziwe przypadki najnowszych zagrożeń zaobserwowane na naszych systemach HoneyPot.
Rocznik
Strony
63--67
Opis fizyczny
Bibliogr. 21 poz., wykr.
Twórcy
autor
  • Politechnika Warszawska, Instytut Informatyki, ul. Nowowiejska 15/19, 00-665 Warszawa, K.Cabaj@ii.pw.edu.pl
autor
Bibliografia
  • [1] January 28, 2014 – Akamai Releases Third Quarter, 2013 'State of the Internet' Report http://www.akamai.com/html/about/press/releases/2014/press_012814.html
  • [2] Nazimek P.P., Sosnowski J., Gawkowski P.: Checking fault susceptibility of cryptographic algorithms, Pomiary-Automatyka- Kontrola, (2009), nr 10, 827-830
  • [3] Sosnowski J., Gawkowski P., Cabaj K., Exploring the Space of System Monitoring, in: Intelligent Tools for Building a Scientific Information Platform: Advanced Architectures and Solutions / Bembenik R. [et.al.] (eds), Studies in Computational Intelligence, 467 (2013), 501-517
  • [4] Niels P., Thorsten H., Virtual Honeypots: From Botnet Tracking to Intrusion Detection, Addison-Wesley Professional (2007)
  • [5] Bringer M.L., Chelmecki Ch.A., and Fujinoki H., A Survey: Recent Advances and Future Trends in Honeypot Research, I. J. Computer Network and Information Security, (2012), 10, 63-75
  • [6] Shodan search engine web page: http://www.shodanhq.com/
  • [7] Heartbleed Bug Health Report, https://zmap.io/heartbleed/
  • [8] Brewster T., theguardian.com, More than 300k systems 'still vulnerable' to Heartbleed attacks: http://www.theguardian.com/technology/2014/jun/23/heartbleed-attacks-vulnerable-openssl
  • [9] Staniford S., Paxson V., and Weaver N., How to Own the Internet in Your Spare Time. Proceedings of the 11th USENIX Security Symposium, Dan Boneh (Ed.). USENIX Association, Berkeley, CA, USA, (2002) 149-167
  • [10] Cheswick B. An Evening with Berferd in which a cracker is Lured, Endured, and Studied, In Proc. Winter USENIX Conference, (1992)
  • [11] Baecher P., Koetter M., Dornseif M., Freiling F., The nepenthes platform: An efficient approach to collect malware, In Proceedings of the 9 th International Symposium on Recent Advances in Intrusion Detection (RAID06), (2006)
  • [12] Dionaea home page, http://dionaea.carnivore.it/
  • [13] Narvaez J., Aval Ch., Endicott-Popovsky B., Seifert C., Malviya A., and Nordwall D., Assessment of Virtualization as a Sensor Technique,ǁ Proceedings of the IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering, May (2010), 61-65
  • [14] Jiang X., Xu D., BaitTrap: A Catering HoneyPot Framework, Department of Computer Science Technical Report CSD TR 04-0xx, Purdue University, August (2004), http://friends.cs.purdue.edu/pubs/BaitTrap.pdf
  • [15] Carniwwwhore project page: http://carnivore.it/2010/11/27/carniwwwhore
  • [16] Supermicro BMC vulnerability, http://blog.cari.net/carisirt-yetanother-bmc-vulnerability-and-some-added-extras/
  • [17] DionaeaFR project page: http://rubenespadas.github.io/DionaeaFR/
  • [18] Agrawal R., Imielinski T., Swami A., Mining Association Rules Between Sets of Items in Large Databases, Proceedings of ACM SIGMOD Int. Conf. Management of Data, (1993)
  • [19] Cabaj K., Denis M., Buda M.: Management and Analytical Software for Data Gathered from HoneyPot System, in: Information Systems in Management, WULS Press Warsaw, 2 (2013), nr 3, 182-193
  • [20] Ullrich J.B., More Device Malware: This is why your DVR attacked my Synology Disk Station (and now with Bitcoin Miner!), InfoSec Handlers Diary Blog, 2014.03.31,http://dshield.org/diary/More+Device+Malware%3A+This+is+why+your+DVR+attacked+my+Synology+Disk+Station+%28and+now+with+Bitcoin+Miner!%29/17879
  • [21] Seggelmann R., Tuexen M., Williams M., Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension, RFC 6520, (2012), ISSN: 2070-1721
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-90ff891d-5395-49cf-8c93-779b9dc12dad
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.