Skip to main content
SpringerLink
Log in

Real-Time Emulation of Intrusion Victim in HoneyFarm

  • Conference paper
Book cover Content Computing (AWCC 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3309))

Included in the following conference series:

Abstract

Security becomes increasingly important. However, existing security tools, almost all defensive, have many vulnerabilities which are hard to overcome because of the lack of information about hackers techniques or powerful tools to distinguish malicious traffic from the huge volume of production traffic. Although honeypots mainly aim at collecting information about hackers’ behaviors, they are not very effective in that honeypot implementers tend to block or limit hackers’ outbound connections to avoid harming non-honeypot systems, thus making honeypots easy to be fingerprinted. Additionally, the main concern is that if hackers were allowed outbound connections, they may attack the actual servers thus the honeypot could become a facilitator of the hacking crime. In this paper we present a new method to real-time emulate intrusion victims in a honeyfarm. When hackers request outbound connections, they are redirected to the intrusion victims which emulate the real targets. This method provides hackers with a less suspicious environment and reduces the risk of harming other systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Spitzner, L.: Honeypots Definitions and Value of Honeypots, May 29 (2003), http://www.tracking-hackers.com/

  2. Spitzner, L.: Honeypots: Tracking Hackers. Addison-Wesley, Boston (2002)

    Google Scholar 

  3. Spitzner, L.: Know Your Enemy: Sebek2 A kernel based data capture tool, September 13 (2003), http://www.honeynet.org/

  4. Spitzner, L.: Hitting the Sweet Spot (July 2003)

    Google Scholar 

  5. http://www.phrack.org/fakes/p62/p62-0x07.txt

  6. Wessels, D.: Web Caching. The O’REILLY press, Sebastopol (November 2002)

    Google Scholar 

  7. Rabinovich, M., Spatscheck, O.: Web Caching and Replication, ch. 8. Addison Wesley, Reading (2002)

    Google Scholar 

  8. Davison, B.D., Rurgers: A Web Caching Primer. IEEE Internet Computing 5, 38–45 (2001)

    Article  Google Scholar 

  9. Barish, G., Obraczka, K.: World Wide Web Caching: Trends and Techniques. IEEE Communications Magazine Internet Technology Series (May 2000)

    Google Scholar 

  10. Zeng, D., Wang, F.-Y., Liu, M.: Efficient Web Content Delivery Using Proxy Caching Techniques. IEEE Transactions on Systems, Man, and Cybernetics—Part C: Applications and Reviews 34(3) (August 2004)

    Google Scholar 

  11. Wang, J.: A Survey of Web Caching Schemes for the Internet. ACM Computer Communication Review 29(5), 36–46 (1999)

    Article  Google Scholar 

  12. Malpani, R., Lorch, J., Berger, D.: Making World Wide Web Caching Servers Cooperate. In: Proceedings of the 4th International WWW Conference, Boston, MA (December 1995), http://www.w3.org/Conferences/WWW4/Papers/59/

  13. Kroeger, T.M., Long, D.D.E., Mogul, J.C.: Exploring the Bounds of Web Latency Reduction from Caching and Prefetching. In: Proceedings of the Symposium on Internet Technologies and Systems (1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Software, Tsinghua University, Beijing, P.R. China

    Xing-Yun He, Kwok-Yan Lam & Jia-Guang Sun

  2. School of Business Administration, The Open University of Hong Kong,  

    Siu-Leung Chung

  3. School of Computing, National University of Singapore,  

    Chi-Hung Chi

Authors
  1. Xing-Yun He
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kwok-Yan Lam
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Siu-Leung Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chi-Hung Chi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jia-Guang Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Software, Tsinghua University,  

    Chi-Hung Chi

  2. School of Software, Tsinghua University, Beijing, PR China

    Kwok-Yan Lam

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

He, XY., Lam, KY., Chung, SL., Chi, CH., Sun, JG. (2004). Real-Time Emulation of Intrusion Victim in HoneyFarm. In: Chi, CH., Lam, KY. (eds) Content Computing. AWCC 2004. Lecture Notes in Computer Science, vol 3309. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30483-8_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30483-8_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23898-0

  • Online ISBN: 978-3-540-30483-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation