A proposal for a new way of classifying network security metrics. Study of the information collected through a honeypot

Cited by: 2
Authors
Carrasco, Alejandro [1]
Ropero, Jorge [1]
Ruiz de Clavijo, Paulino [1]
Benjumea, Jaime [1]
Luque, Amalia [2]
Affiliations
[1] Univ Seville, Dept Elect Technol, Seville, Spain
[2] Univ Seville, Dept Design Engn, Seville, Spain
Source
2018 IEEE 18TH INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C) | 2018
Keywords
Honeypot; Metric; Kippo; Network Security; IDS;
DOI
10.1109/QRS-C.2018.00110
Chinese Library Classification number
TP31 [Computer Software];
Discipline classification code
081202 ; 0835 ;
Abstract
Nowadays, honeypots are a key tool to attract attackers and study their activity. They help us in the tasks of evaluating attackers' behaviour, discovering new types of attacks, and collecting information and statistics associated with them. However, the gathered data cannot be directly interpreted, but must be analyzed to obtain useful information. In this paper, we present an SSH honeypot-based system designed to simulate a vulnerable server. Thus, we propose an approach for the classification of metrics from the data collected by the honeypot over 19 months.
Pages: 633-634
Page count: 2