Abstract
Honeypots are the network sensors used for capturing the network attacks. As these sensors are solely deployed for the purpose of being attacked and compromised hence they have to be closely monitored and controlled. In the work presented in this paper the authors have addressed the problem of base-lining the high-interaction Honeypots by proposing a structured framework for base-lining any high interaction Honeypot. The Honeypot base-lining process involves identification and white-listing of all the legitimate system activities and the modeling of Honeypot attack surface. The outcome of the Honeypot base-lining process is an XML file which models the Honeypot attack surface. The authors claim that this Honeypot system modeling is useful at the time of attack data analysis, as it enables the mapping of captured attacks to the vulnerabilities exposed by the Honeypot. This attack to vulnerability mapping capability helps defenders to find out what attacks targets what vulnerabilities and could also leads to the detection of the zero day vulnerabilities exploit attempt.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Information Security and Privacy
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
