Definition of Attack in Context of High Level Interaction Honeypots

  • Conference paper
Software Engineering in Intelligent Systems

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 349)

Abstract

The concept of attack plays an important role in the context of honeypots. Based on the definition of attack, honeypots obtain information about attackers, their targets, methods, and tools. This paper focuses on the definition of attack in the context of high-interaction server honeypots. The paper proposes a definition of attack from the perspective of information security and network forensics analysis.

Author information

Correspondence to Pavol Sokol.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Sokol, P., Zuzčák, M., Sochor, T. (2015). Definition of Attack in Context of High Level Interaction Honeypots. In: Silhavy, R., Senkerik, R., Oplatkova, Z., Prokopova, Z., Silhavy, P. (eds) Software Engineering in Intelligent Systems. Advances in Intelligent Systems and Computing, vol 349. Springer, Cham. https://doi.org/10.1007/978-3-319-18473-9_16

  • DOI: https://doi.org/10.1007/978-3-319-18473-9_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-18472-2

  • Online ISBN: 978-3-319-18473-9

  • eBook Packages: Engineering, Engineering (R0)
