Building a Network Intrusion Model Based on Data from Honeypots

被引：0

作者：

Shkirdov, Danila A. ^{[1
]}

Sagatov, Evgeny S. ^{[1
]}

Sukhov, Andrei M. ^{[1
]}

Zuev, Sergey A. ^{[2
]}

机构：

[1] Samara Natl Res Univ, Moskovskoe Shosse 34, Samara 443086, Russia

[2] VI Vernadsky Crimean Fed Univ, Prospekt Vernadskogo 4, Simferopol 295007, Crimea, Russia

来源：

2018 26TH TELECOMMUNICATIONS FORUM (TELFOR) | 2018年

关键词：

Black list of IP addresses; honeypot; network intrusion; ranked list of vulnerabilities; web server attack model;

D O I：

暂无

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

This paper presents the results of data analysis from a geographically distributed network of honeypots. Such honeypot servers were deployed in Samara, Rostov on Don, Crimea and the USA almost two years ago. The collected data allows for the building of a model of network intrusion. This model includes black lists regarding attacking IP addresses for various Internet services and all kinds of statistics, including calls to OS ports. It is especially necessary to allocate the ranked lists of basic Internet threats which are used by hackers.

引用

页码：104 / 107

页数：4

共 8 条

[1] [Anonymous], 2015, Int. J. Netw. Secur.
[2] Bhingarkar A., 2015, P INT C GRID COMP AP, P16
[3] A proposal for a new way of classifying network security metrics. Study of the information collected through a honeypot
Carrasco, Alejandro
Ropero, Jorge
Ruiz de Clavijo, Paulino
Benjumea, Jaime
Luque, Amalia
[J]. 2018 IEEE 18TH INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C), 2018, : 633 - 634
[4] Kabiri Peyman., 2005, IJ Network Security, V1, P84
[5] A data mining framework for building intrusion detection models
Lee, W
Stolfo, SJ
Mok, KW
[J]. PROCEEDINGS OF THE 1999 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 1999, : 120 - 132
[6] The honeynet project: Trapping the hackers
[J]. Spitzner, L. (lance@honeynet.org), 1600, Institute of Electrical and Electronics Engineers Inc. (01): : 15 - 23
[7] Stoll C., 1990, The Cuckoo's Egg: Tracking a Spy through the Maze of Computer Espionage
[8] Identifying Internet background radiation traffic based on traffic source distribution
Wang, Ruoyu
Liu, Zhen
Tao, Ming
Zhang, Ling
[J]. JOURNAL OF HIGH SPEED NETWORKS, 2015, 21 (02) : 107 - 120

← 1 →