Identifiers
Title variants
Publication languages
Abstracts
The paper presents visualization methodologies that support data analysis. The analyzed data was gathered by HoneyPot systems deployed in the network of the Institute of Computer Science. Due to the vast amount of data, manual analysis was almost impossible and very impractical, especially given time constraints. The introduced visualization techniques and supporting filtering features are implemented in HPMS (HoneyPot Management System). The paper describes in detail the two introduced methodologies, which support data analysis using both charts and graphs. The first one is used for the discovery of basic activities observed by the HoneyPot. The second one is used for advanced analysis of machines used during attacks concerning PhpMyAdmin software.
Journal
Year
Volume
Pages
14-25
Physical description
Bibliography: 11 items, figures, charts.
Authors
author
- Institute of Computer Science, Warsaw University of Technology
Bibliography
- [1] Cabaj K., Denis M., Buda M. (2013) Management and Analytical Software for Data Gathered from HoneyPot System, Information Systems in Management, WULS Press Warsaw, vol. 2, nr 3, 182-193
- [2] Cheswick B. (1992) An Evening with Berferd in which a cracker is Lured, Endured, and Studied, In Proc. Winter USENIX Conference
- [3] Provos N., Holz T. (2008) Virtual Honeypots: From Botnet Tracking to Intrusion Detection, Addison-Wesley
- [4] Baecher P., Koetter M., Dornseif M., Freiling F. (2006), The nepenthes platform: An efficient approach to collect malware, In Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID06)
- [5] Dionaea catches bugs, http://dionaea.carnivore.it/ [2014.11.29]
- [6] Cabaj K., Gawkowski P. (2014) HoneyPot systems in practice, The Nineteenth International Multi-Conference On Advanced Computer Systems (ACS14), Międzyzdroje, Poland, October 22-24
- [7] Shell Shock attack, http://en.wikipedia.org/wiki/Shellshock_%28software_bug%29 [2014.11.29]
- [8] PhpMyAdmin, www.phpmyadmin.net/ [2014.11.29]
- [9] Bringer M. L., Chelmecki C. A., Fujinoki H., (2012) A Survey: Recent Advances and Future Trends in Honeypot Research, I. J. Computer Network and Information Security 10, 63-75
- [10] N. Provos, T. Holz, Praise for virtual HoneyPots, Pearson Education, ISBN 978-0-321-33632-3, (2007)
- [11] Fu X., Yu W., Cheng D., Tan X., Streff K., and Graham S., (2006) On Recognizing Virtual Honeypots and Countermeasures, Proceedings of the IEEE International Symposium on Dependable, Autonomic and Secure Computing, pp. 211-218
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-2c4d9475-606d-4853-9590-99373b49db9d