Abstract
A honeynet is a framework containing more than one honeypot that provides data control, data capture, and data analysis. The framework aims to simulate a highly controllable attack or decoy for the security analysis of a network. In this paper, a Xen-based virtual machine solution is proposed to build a virtual honeynet. A virtual honeynet deploys a honeynet on a physical machine using virtual machine technology, with the advantages of low cost and convenient management and maintenance. The virtual honeynet system includes dynamic resource allocation, data control, data capture, data presentation, and analysis. It is lightweight but has high performance, which is verified with extensive experiments.
Acknowledgments
This work was supported by the National Basic Research Program of China under Grant No. G2011CB302605, the National Natural Science Foundation of China (NSFC) under Grant No. 61173145, and the National High Technology Research and Development Program of China under Grant No. 2011AA010705.
About this article
Cite this article
Zhang, W., He, H. & Kim, Th. Xen-based virtual honeypot system for smart device. Multimed Tools Appl 74, 8541–8558 (2015). https://doi.org/10.1007/s11042-013-1499-4
DOI: https://doi.org/10.1007/s11042-013-1499-4