Wyniki wyszukiwania - BazTech

1

HoneyPot systems in practice

Cabaj K., Gawkowski P.

Przegląd Elektrotechniczny

|

2015

|

R. 91, nr 2

63-67

EN

The paper presents the HoneyPot technology as well as the experience gained from their usage in the network of the Institute of Computer Science Warsaw University of Technology. On this background the concept of HoneyPot systems is presented and discussed. The paper is illustrated with the real-life cases of some recent vulnerabilities observed on our HoneyPots.

PL

Praca przedstawia technologię systemów HoneyPot oraz doświadczenia zebrane z ich użycia w sieci Instytutu Informatyki Politechniki Warszawskiej. Na tym tle zaprezentowano i omówiono koncepcję systemów HoneyPot oraz prawdziwe przypadki najnowszych zagrożeń zaobserwowane na naszych systemach HoneyPot.

2

Visualization as support for web honeypot data analysis

Cabaj K.

Information Systems in Management

|

2015

|

Vol. 4, No. 1

14--25

EN

The paper presents methodologies associated with visualization, which supports data analysis. Analyzed data has been gathered by HoneyPot systems deployed in the network of Institute of Computer Science. Due to the vast amounts of data, the manual analysis was almost impossible and very impractical, also considering time constraints. Introduced visualization techniques and supporting filtering features are implemented in HPMS (HoneyPot Management System). The paper describes in details two introduced methodologies which support data analysis using both charts and graphs. The first one is used for the discovery of basic activities observed by HoneyPot. The second one is used for advanced analysis of machines used during attacks concerning PhpMyAdmin software.

3

Management and analytical software for data gathered from HoneyPot system

Cabaj K., Denis M., Buda M.

Information Systems in Management

|

2013

|

Vol. 2, No. 3

182--193

EN

The paper describes details concerning systems used for analysis and the result of data gathered from two various HoneyPot systems, implemented at Institute of Computer Science. The first system uses data mining techniques for the automatic discovery of interesting patterns in connections directed to the HoneyPot. The second one is responsible for the collection and the initial analysis of attacks dedicated to the Web applications, which nowadays is becoming the most interesting target for cybercriminals. The paper presents results from almost a year of usage, with implemented prototypes, which prove it's practical usefulness. The person performing analysis improves effectiveness by using potentially useful data, which is initially filtered from noise, and automatically generated reports. The usage of data mining techniques allows not only detection of important patterns in rapid manner, but also prevents from overlooking interesting patterns in vast amounts of other irrelevant data.

4

Data mining approach to signature generation from honeypot activity

Cabaj K.

Elektronika : konstrukcje, technologie, zastosowania

|

2007

|

Vol. 48, nr 1

48-50

EN

Paper contains description of current Internet threats and security systems. Analysis of those systems shows that a big disadvantage of them is connected with not up-to-date signatures. Proposed and described system could generate signatures fast enough to increase ability for protecting users. For proposed automatic generation new ideas, honeypots and dataming are used.

PL

Opisano aktualne zagrożenia związane z używaniem Internetu. Analiza obecnie używanych systemów bezpieczeństwa pokazuje, że największym problem jest dostarczenie aktualnych sygnatur. Zaproponowany i opisany system służy do automatycznego generowania sygnatur na podstawie ruchu sieciowego w systemie honeypot.