research-article

Honeynet Construction Based on Intrusion Detection

Authors:

Wei ZhouAuthors Info & Claims

CSAE '19: Proceedings of the 3rd International Conference on Computer Science and Application Engineering

Article No.: 80, Pages 1 - 5

https://doi.org/10.1145/3331453.3360983

Published: 22 October 2019 Publication History

Get Access

Abstract

As a network defense technology, honeypot can take the initiative to respond to external attacks, with high reliability and convenient management. In the current complex industrial control network situation, honeypot as a defense tool can maximize the protection of data resources. In this paper, we design a honeynet-based intrusion detection system. It captures the actual traffic and uses support vector machine (SVM) algorithm to study the intrusion behavior based on the KDDCUP99 dataset. The experimental results show that the detection accuracy of intrusion behavior in the monitored network is up to 89%.

References

[1]

Galloway B and Hancke G P (2013). Introduction to Industrial Control Networks. IEEE Communications Surveys & Tutorials, 15(2):860--880.

Crossref

Google Scholar

[2]

Knapp E and Broad J (2014). Industrial network security: securing critical infrastructure networks for Smart Grid, SCADA, and other industrial control systems. Syngress

Google Scholar

[3]

K Stouffer J Falco K (2011). Scarfone "Guide to industrial control systems (ICS) security" in Washington DC USA Jun.

Google Scholar

[4]

ÁLVARO HERRERO, Zurutuza U and Corchado E A (2012). Neural-Visualization IDS For Honeynet Data. International Journal of Neural Systems, 22(02):1250005-1-1250005-18.

Crossref

Google Scholar

[5]

Harrington P (2012). Machine Learning in Action. Machine learning in action.

Google Scholar

[6]

Garnacho A R and Raya A A (2015). An Overview of Information Security. Advances In Artificial Intelligence For Privacy Protection And Security.

Google Scholar

[7]

Li H, Chen J and Jin X (2011). An outlook on network honeypot. International Conference on Computer Science & Service System. IEEE.

Google Scholar

[8]

Heng-Ru Z and Jie G (2011). Research and Design of Network Attack and Defense Platform Based on Virtual Honeynet. Computational and Information Sciences (ICCIS), 2010 International Conference on. IEEE.

Google Scholar

[9]

R Venkatesan, G Ashwin Kumar and M R Nandhan (2018). A NOVEL APPROACH TO DETECT DDOS ATTACK THROUGH VIRTUAL HONEYPOT. 2018 IEEE International Conference on System, Computation, Automation and Networking (ICSCA), Pondicherry, pp. 1--6.

Crossref

Google Scholar

[10]

Zhang X, Zeng H and Jia L (2010). Research of intrusion detection system dataset-KDD CUP99. Computer Engineering and Design, 31(22):4809--4812+4816.

Google Scholar

[11]

A M Chandrasekhar and K Raghuveer (2014). Confederation of FCM clustering, ANN and SVM techniques to implement hybrid NIDS using corrected KDD cup 99 dataset. 2014 International Conference on Communication and Signal Processing, Melmaruvathur, pp. 672--676.

Crossref

Google Scholar

[12]

Suo X, Han X and Gao Y (2014). Research on the application of honeypot technology in intrusion detection system. 2014 IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA). IEEE.

Google Scholar

Cited By

View all

Yu TXin YZhang C(2024)HoneyFactory: Container-Based Comprehensive Cyber Deception Honeynet ArchitectureElectronics10.3390/electronics1302036113:2(361)Online publication date: 15-Jan-2024
https://doi.org/10.3390/electronics13020361
Hammoodi Hasan Kabla AAnbar MManickam SAhmed Abdulrahman Alwan AKaruppayah S(2023)Monitoring Peer-to-Peer Botnets: Requirements, Challenges, and Future WorksComputers, Materials & Continua10.32604/cmc.2023.03658775:2(3375-3398)Online publication date: 2023
https://doi.org/10.32604/cmc.2023.036587
Sun CBu YChen BZhang DChen ZLu XZhang SSun J(2022)Application of Artificial Intelligence Technology in Honeypot Technology2021 International Conference on Advanced Computing and Endogenous Security10.1109/IEEECONF52377.2022.10013349(01-09)Online publication date: 21-Apr-2022
https://doi.org/10.1109/IEEECONF52377.2022.10013349
Show More Cited By

Index Terms

Honeynet Construction Based on Intrusion Detection
1. Security and privacy
  1. Network security
    1. Denial-of-service attacks

Recommendations

In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention
RIIT '16: Proceedings of the 5th Annual Conference on Research in Information Technology

A honeypot is a deception tool for enticing attackers to make efforts to compromise the electronic information systems of an organization. A honeypot can serve as an advanced security surveillance tool for use in minimizing the risks of attacks on ...
Detecting and Defending against Worm Attacks Using Bot-honeynet
ISECS '09: Proceedings of the 2009 Second International Symposium on Electronic Commerce and Security - Volume 01

We proposed a worm detection and defense system named bot-honeynet in this paper, which combines the best features of honeynet, anomaly detection and botnet. The combination of honeynet and anomaly detection system offers a tradeoff between false ...
Polymorphic Worm Detection Using Double-Honeynet
ICSEA '09: Proceedings of the 2009 Fourth International Conference on Software Engineering Advances

Internet worms are increasing every year, and they increasingly threaten the availability and integrity of Internet-based services. Polymorphic worms evade signature-based Intrusion Detection Systems (IDSs) by varying their payload on every infection ...

Comments

Information & Contributors

Information

Published In

CSAE '19: Proceedings of the 3rd International Conference on Computer Science and Application Engineering

October 2019

942 pages

ISBN:9781450362948

DOI:10.1145/3331453

Conference Chair:
Ali Emrouznejad,
Program Chair:
Zeshui Xu

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 October 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

key laboratory of network assessment technology of Institute of Information Engineering, Chinese Academy of Sciences.
National Key Research and Development Plan
Key Lab of Information Network Security, Ministry of Public Security
Special fund on education and teaching reform of Besti
the Fundamental Research Funds for the Central Universities

Conference

CSAE 2019

CSAE 2019: The 3rd International Conference on Computer Science and Application Engineering

October 22 - 24, 2019

Sanya, China

Acceptance Rates

Overall Acceptance Rate 368 of 770 submissions, 48%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
197
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)2

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Yu TXin YZhang C(2024)HoneyFactory: Container-Based Comprehensive Cyber Deception Honeynet ArchitectureElectronics10.3390/electronics1302036113:2(361)Online publication date: 15-Jan-2024
https://doi.org/10.3390/electronics13020361
Hammoodi Hasan Kabla AAnbar MManickam SAhmed Abdulrahman Alwan AKaruppayah S(2023)Monitoring Peer-to-Peer Botnets: Requirements, Challenges, and Future WorksComputers, Materials & Continua10.32604/cmc.2023.03658775:2(3375-3398)Online publication date: 2023
https://doi.org/10.32604/cmc.2023.036587
Sun CBu YChen BZhang DChen ZLu XZhang SSun J(2022)Application of Artificial Intelligence Technology in Honeypot Technology2021 International Conference on Advanced Computing and Endogenous Security10.1109/IEEECONF52377.2022.10013349(01-09)Online publication date: 21-Apr-2022
https://doi.org/10.1109/IEEECONF52377.2022.10013349
Felix MSafitri CMandala R(2022)Framework for Analyzing Intruder Behavior of IoT Cyber Attacks Based on Network Forensics by Deploying Honeypot Technology2022 5th International Conference on Information and Communications Technology (ICOIACT)10.1109/ICOIACT55506.2022.9971886(423-428)Online publication date: 24-Aug-2022
https://doi.org/10.1109/ICOIACT55506.2022.9971886
Rashid SHaq AHasan SFurhad MAhmed MUllah A(2022)Faking smart industry: exploring cyber-threat landscape deploying cloud-based honeypotWireless Networks10.1007/s11276-022-03057-yOnline publication date: 18-Jul-2022
https://doi.org/10.1007/s11276-022-03057-y
Shaohui MTuerhong GWushouer MYibulayin T(2021) PCA mix‐based Hotelling's T 2 multivariate control charts for intrusion detection system IET Information Security10.1049/ise2.1205116:3(161-177)Online publication date: 3-Dec-2021
https://doi.org/10.1049/ise2.12051
Fu QYao YSheng CYang W(2020)Interplay Between Malware Epidemics and Honeynet Potency in Industrial Control System NetworkIEEE Access10.1109/ACCESS.2020.29896128(81582-81593)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.2989612

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention

Detecting and Defending against Worm Attacks Using Bot-honeynet

Polymorphic Worm Detection Using Double-Honeynet

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations