Abstract
This paper provides an examination of an emerging class of security mechanisms often referred to as deception technologies or honeypots. It is based on our experience over the last four years designing and building a high, end commercial deception system called ManTrap. The paper will provide an overview of the various technologies and techniques and will examine the strengths and weaknesses of each approach. It will discuss deployment criteria and strategies and will provide a summary of our experiences designing and constructing these systems. It also presents the results of work demonstrating the feasibility and utility of a deep deception honeypot.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Symantec Enterprise Solutions. Symantec Corporation (Retrieved March 2004), http://enterprisesecurity.symantec.com/products
Honeyd – Network Rhapsody for You. Center for Information Technology Integration (Retrieved March 2004), http://www.citi.umich.edu/u/provos/honeyd/index.html
The Honeynet Project (Retrieved March 2004), http://project.honeynet.org/misc/project.html
Talisker Host Intrusion Detection System. Security Wizardry (Retrieved February 2004), http://www.networkintrusion.co.uk/HIDS.htm
Vmware (Retrieved March 2004), http://www.vmware.com
Solaris Zones. Sun Microsystems - BigAdmin (Retrieved March 2004), http://www.sun.com/bigadmin/content/zones/index.html
iButton Products: iButton Overview (Retrieved March 2004), http://www.ibutton.com/ibuttons/index.html
Stoll, C.: Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage. Pocket Books (2000)
SecurityFocus HOME Products: Cybercopy Sting (Retrieved June 2004), http://www.securityfocus.com/products/515
Cheswick, B.: An Evening with Berferd In Which a Cracker is Lured, Endured and Studied. In: Proc. Winter USENIX Conference (1992)
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: The Spread of the Sapphire/Slammer Worm (2003), http://www.caida.org/outreach/papers/2003/sapphire/sapphire.html
Spitzner, L.: Honeypots Definitions and Value of Honeypots (Retreived June 2004), http://www.tracking-hackers.com/papers/honeypots.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hernacki, B., Bennett, J., Lofgren, T. (2004). Symantec Deception Server Experience with a Commercial Deception System. In: Jonsson, E., Valdes, A., Almgren, M. (eds) Recent Advances in Intrusion Detection. RAID 2004. Lecture Notes in Computer Science, vol 3224. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30143-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-30143-1_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23123-3
Online ISBN: 978-3-540-30143-1
eBook Packages: Springer Book Archive