Abstract
The importance of network security is rapidly increasing as more and more business is conducted via these systems. The proposed honeynet system can be used to detect bots or malware based on the evaluation of events occurring within a computer network. A honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized access to information systems. A honeynet (a network consisting of 2 or more honeypots) is used for surveillance of larger or more diverse networks for which one honeypot may not be sufficient. The detection algorithms of these systems are based on signatures derived from the analysis of various types of malicious software. The proposed honeynet system is a combination of a post intrusion detection system and a files analyzer. It has been implemented using multi-agent technology.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Piotrowski, M.: The protection of computer networks through technology honeypot (2007) (in Polish)
Rush, M., Orebaugh, A., Clark, G., Pinkard, B., Babbin, J.: Intrusion Prevention and Active Response - Deploying Network and Host IPS (2005)
Erickson, J.: Hacking: The Art of Exploitation (2008)
Holz, T., Dornseif, M.: Hands on Honeypot Technology, Black Hat 2005 (2005), http://blackhat.com
Yang, G., Rong, C., Dai, Y.: A Distributed Honeypot System for Grid Security. In: Li, M., Sun, X.-H., Deng, Q.-n., Ni, J. (eds.) GCC 2003. LNCS, vol. 3032, pp. 1083–1086. Springer, Heidelberg (2004)
Barford, P., Chen, Y., Li Goyal, Z.: Employing Honeynets For Network Situational Awareness (2010)
Tang, H., Zhu, B., Ren, K.: A New Approach to Malware Detection. In: Park, J.H., et al. (eds.) ISA 2009. LNCS, vol. 5576, pp. 229–238. Springer, Heidelberg (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Szczepanik, M., Jóźwiak, I. (2010). Detecting Malwares in Honeynet Using a Multi-agent System. In: Zavoral, F., Yaghob, J., Pichappan, P., El-Qawasmeh, E. (eds) Networked Digital Technologies. NDT 2010. Communications in Computer and Information Science, vol 88. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14306-9_40
Download citation
DOI: https://doi.org/10.1007/978-3-642-14306-9_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14305-2
Online ISBN: 978-3-642-14306-9
eBook Packages: Computer ScienceComputer Science (R0)