Proceedings Article

Honeypot: a supplemented active defense system for network security

TLDR
A honeypot is a supplemented active defense system for network security that traps attacks, records intrusion information about the tools and activities of the hacking process, and prevents outbound attacks from the compromised system.
Abstract
A honeypot is a supplemented active defense system for network security. It traps attacks, records intrusion information about the tools and activities of the hacking process, and prevents outbound attacks from the compromised system. Integrated with other security solutions, a honeypot can solve many traditional dilemmas. We expatiate on the key components of data capture and data control in a honeypot, and give a classification for honeypots according to security goals and application goals. We review the technical progress and security contribution of production honeypots and research honeypots. We present typical honeypot solutions and predict the technical trends of integration, virtualization and distribution for future honeypots.

Citations
Proceedings Article

Adversarial Fingerprinting of Cyber Attacks Based on Stateful Honeypots

TL;DR: The main goal is to fingerprint each attacker by observing and registering his adopted methods, tools and actions, so that the adversary is redirected to his specific environment that preserves the history of his previous operations including the installation of rootkits or backdoors.
Posted Content

An Innovative Security Strategy using Reactive Web Application Honeypot.

TL;DR: In this paper, a low interaction, adaptive, and dynamic web application honeypot that imitates the vulnerabilities through HTTP events is proposed, which creates the attack surface and sends the requests to TANNER, which evaluates them and decides how SNARE should respond to the requests.
Patent

System and method for monitoring a computer system using machine interpretable code

Amir Szekely
TL;DR: A computer implemented method of monitoring a collector computer system includes receiving machine interpretable code that is configured for interpretation by the interpreter that includes: information identifying a first set of one or more monitoring targets within the collector computer systems, a method for monitoring the first set, and predefined reporting criteria as discussed by the authors.
Posted Content

Transdisciplinary AI Observatory -- Retrospective Analyses and Future-Oriented Contradistinctions

TL;DR: In this paper, a transdisciplinary AI observatory approach integrating diverse retrospective and counterfactual views is proposed to identify unintentionally and intentionally triggered AI risks with diverse socio-psycho-technological impacts.
References
Proceedings Article

Distributed denial of service attacks

TL;DR: It is found that under persistent denial of service attacks, class based queuing algorithms can guarantee bandwidth for certain classes of input flows.
Proceedings Article

Implementing a distributed firewall

TL;DR: This paper presents the design and implementation of a distributed firewall using the KeyNote trust management system to specify, distribute, and resolve policy, and OpenBSD, an open source UNIX operating system.
Journal Article

Temporal sequence learning and data reduction for anomaly detection

TL;DR: An approach that transforms temporal sequences of discrete, unordered observations into a metric space via a similarity measure that encodes intra-attribute dependencies and demonstrates that it can accurately differentiate the profiled user from alternative users when the available features encode sufficient information.
Proceedings Article

Temporal sequence learning and data reduction for anomaly detection

TL;DR: An approach that transforms temporal sequences of discrete, unordered observations into a metric space via a similarity measure that encodes intra-attribute dependencies and demonstrates that it can accurately differentiate the profiled user from alternative users when the available features encode sufficient information.