Welcome to the InfoSci Platform
Reference Hub3
Honeypot Baselining for Zero Day Attack Detection

Honeypot Baselining for Zero Day Attack Detection

Saurabh Chamotra, Rakesh Kumar Sehgal, Ram Swaroop Misra
Copyright: © 2017 |Volume: 11 |Issue: 3 |Pages: 12
ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781522511755|DOI: 10.4018/IJISP.2017070106
Cite Article Cite Article

MLA

Chamotra, Saurabh, et al. "Honeypot Baselining for Zero Day Attack Detection." IJISP vol.11, no.3 2017: pp.63-74. http://doi.org/10.4018/IJISP.2017070106

APA

Chamotra, S., Sehgal, R. K., & Misra, R. S. (2017). Honeypot Baselining for Zero Day Attack Detection. International Journal of Information Security and Privacy (IJISP), 11(3), 63-74. http://doi.org/10.4018/IJISP.2017070106

Chicago

Chamotra, Saurabh, Rakesh Kumar Sehgal, and Ram Swaroop Misra. "Honeypot Baselining for Zero Day Attack Detection," International Journal of Information Security and Privacy (IJISP) 11, no.3: 63-74. http://doi.org/10.4018/IJISP.2017070106

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Honeypots are the network sensors used for capturing the network attacks. As these sensors are solely deployed for the purpose of being attacked and compromised hence they have to be closely monitored and controlled. In the work presented in this paper the authors have addressed the problem of base-lining the high-interaction Honeypots by proposing a structured framework for base-lining any high interaction Honeypot. The Honeypot base-lining process involves identification and white-listing of all the legitimate system activities and the modeling of Honeypot attack surface. The outcome of the Honeypot base-lining process is an XML file which models the Honeypot attack surface. The authors claim that this Honeypot system modeling is useful at the time of attack data analysis, as it enables the mapping of captured attacks to the vulnerabilities exposed by the Honeypot. This attack to vulnerability mapping capability helps defenders to find out what attacks targets what vulnerabilities and could also leads to the detection of the zero day vulnerabilities exploit attempt.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.