ABSTRACT
Malware and Botnets in particular have risen to be premier threats to computing assets. As computer criminals continue to improve their attack methods it is essential that the security community have tools at their disposal to quickly identify and remediate these ever increasing attacks. Honeypots are increasingly becoming a tool of the trade as security administrators enhance their security and follow a security in depth model for combating security threats. In this thesis, we use interaction honeypots to study the attack behaviors of mobile devices on a "real-world" university wireless network. This research project will address this security issue by investigating effective solutions to identify compromised machines in a university network. The experimental results will presented based on using low interaction honeypots such as Honeyd in a live testing environment. In addition, various honeypots are tested and compared and our analysis will be documented as well.
- Ritu Tiwari and Abhishek Jain. 2012. Improving network security and design using honeypots. In Proceedings of the CUBE International Information Technology Conference (CUBE '12). ACM, New York, NY, USA, 847--852. Google ScholarDigital Library
- T. Reed, J. Geis and S. Dietrich, "SkyNet: a 3G-enabled mobile attack drone and stealth botmaster," in Proceedings of the 5th USENIX conference on Offensive technologies, Berkeley, CA, 2011 Google ScholarDigital Library
Index Terms
- An empirical study of botnets on university networks using low-interaction honeypots
Recommendations
Virtual honeypots and detection of telnet botnets
CECC 2018: Proceedings of the Central European Cybersecurity Conference 2018Despite recommendations to not use telnet, there is an increasing number of telnet-based botnets and a need to analyse these attacks. We deployed a network of high interaction honeypots that simulate telnet devices. From the collected data, we created a ...
Collecting Autonomous Spreading Malware Using High-Interaction Honeypots
Information and Communications SecurityAbstractAutonomous spreading malware in the form of worms or bots has become a severe threat in today’s Internet. Collecting the sample as early as possible is a necessary precondition for the further treatment of the spreading malware, e.g., to develop ...
Spamming botnets: signatures and characteristics
In this paper, we focus on characterizing spamming botnets by leveraging both spam payload and spam server traffic properties. Towards this goal, we developed a spam signature generation framework called AutoRE to detect botnet-based spam emails and ...
Comments