Global ETD Search

1	Honeypot pro rodinu bezdrátových komunikačních protokolů IEEE 802.11 / Honeypot for wireless communication protocols of IEEE 802.11 family Řezáč, Michal January 2020 (has links) Objective of this master thesis solves possible way of WiFi Honeypot realisation, which is constructed to detecet malicious network activity and attacks in radio environment that uses a set of IEEE 802.11 protocols. A specific configuration was created on the mITX format motherboard and contains scripts and software for data collection, analysis and its evaluation. Based on information and knowledge about specific network attacks it is possible to identify data traffic leading to anomalies and detect possible network attack. The final device was tested in real use for long-term data collection and evaluation of network activity in the given location. This fulfills the main goal of this work, which is implementation of WiFi Honeypot with support for IEEE 802.11 protocols and with possible deployment for real use. IEEE 802.11; Honeypot; WiFi Honeypot
2	Bezpečnostní technologie: Honeypot / Security technology: Honeypot Buriánek, Adam January 2016 (has links) The result of the thesis is to characterize the safety technology honeypots, presentation of their capability to monitor security attacks, finding motivation of the attackers and their techniques. The theoretical part of solving the problems of the thesis is based on the study and analysis of mostly foreign expert information resources. The practical part is based on the specification and implementation of the most famous Honeypot on the Internet and the subsequent analysis of logs. The benefit of the thesis are the results that have been offered and the network security specialists for analysis and automatic recording of threats to records third-party servers. honeypot; bezpečnost; malware
3	HoneyPLC: A Next-Generation Honeypot for Industrial Control Systems January 2020 (has links) abstract: Utilities infrastructure like the electric grid have been the target of more sophisticated cyberattacks designed to disrupt their operation and create social unrest and economical losses. Just in 2016, a cyberattack targeted the Ukrainian power grid and successfully caused a blackout that affected 225,000 customers. Industrial Control Systems (ICS) are a critical part of this infrastructure. Honeypots are one of the tools that help us capture attack data to better understand new and existing attack methods and strategies. Honeypots are computer systems purposefully left exposed to be broken into. They do not have any inherent value, instead, their value comes when attackers interact with them. However, state-of-the-art honeypots lack sophisticated service simulations required to obtain valuable data. Worst, they cannot adapt while ICS malware keeps evolving and attacks patterns are increasingly more sophisticated. This work presents HoneyPLC: A Next-Generation Honeypot for ICS. HoneyPLC is, the very first medium-interaction ICS honeypot, and includes advanced service simulation modeled after S7-300 and S7-1200 Siemens PLCs, which are widely used in real-life ICS infrastructures. Additionally, HoneyPLC provides much needed extensibility features to prepare for new attack tactics, e.g., exploiting a new vulnerability found in a new PLC model. HoneyPLC was deployed both in local and public environments, and tested against well-known reconnaissance tools used by attackers such as Nmap and Shodan's Honeyscore. Results show that HoneyPLC is in fact able to fool both tools with a high level of confidence. Also, HoneyPLC recorded high amounts of interesting ICS interactions from all around the globe, proving not only that attackers are in fact targeting ICS systems, but that HoneyPLC provides a higher level of interaction that effectively deceives them. / Dissertation/Thesis / Masters Thesis Computer Science 2020 Computer science honeypot ICS PLC
4	SS7 Honeypoty - proaktivní ochrana proti podvodům v mobilních sítích / SS7 Honeypots - Proactive Mobile Networks Fraud Protection Kubiš, Juraj January 2020 (has links) This diploma thesis deals with the issue of attacks and fraud against mobile networks, with the main aim being implementation of a honeypot-type tool possessing the ability to respond to these accordingly. Thus, this thesis contains a basic introduction into mobile networks, their topology and commonly used protocols, along with analysis of their general security. This is followed by a clarification of the term honeypot itself, with an explanation of motivations for its deployment into the networks, together with listing of advantages and disadvantages such deployment may bring. The rest of the thesis deals with the actual implementation of such tool, specifically with its design, realisation and testing. This thesis presents a method for responding to the supported frauds, a detailed description of the implementation, configuration and outputs of the tool. The process of testing whether the implementation corresponds to the presented design is described here. The implemented tool is evaluated and its further possible improvements are discussed. SS7; fraud; GSM; honeypot; podvod
5	Identiﬁering och analys av botnät med hjälp av aktiva säkerhetssystem / Identification and analysis of botnets with the help of active security systems Mynarski, Pawel, Carlsson, Oscar January 2012 (has links) Botnät är idag ett växande hot mot IT-säkerhet. Myndigheter, företag och stora organisationer utsätts dagligen för olika typer av attacker orsakade av botnät och rapporter i media redogör för endast en bråkdel av incidenter som inträffar på Internet. Säkerhetsföretag uppskattar att miljoner av datorer ingår idag i ett eller flera botnät. Bekämpningen av botnät är en komplicerad uppgift på grund av botnätens omfattning och komplexitet. Första steget i processen är identifiering och analys av sådana nätverk. I detta syfte har olika system skapats och s.k. \emph{honeypot}-system är några av dem. \emph{Honeypots} simulerar sårbarheter i nätverkstjänster och samlar in information om intrångsförsök utförda mot dessa tjänster. Honeypot-system har visat sig vara effektiva verktyg särskilt när det gäller detektering av attacker och insamling av data. Sådana lösningar har stor potential och kan utvecklas till att bli ännu mer produktiva genom att tillsammans med externa säkerhetstjänster utföra aktiva analyser av insamlad data om botnätsanslutna enheter. Det här arbetet fokuserar just på tjänster och system som kan användas för att identifiera och analysera botnät för att ta reda på vilken data är möjlig att samla in. På en relativt kort tid lyckades vi registrera över 1 miljon anslutningar från 6757 unika IP-adresser till vår honeypot och på så sätt har vi visat att även med små resurser och enbart fritt tillgänglig programvara och webbtjänster kan man identifiera och kartlägga botnät. Conficker har visat sig vara det mest dominanta botnätet och informationen som vi har lyckats samla in var i hög grad relaterad till attackerna från det botnätverket. Detta resulterade i att nästan all insamlad data var ganska ensidig då en viss typ av malware, vissa nätverkstjänster och några specifika länder var gravt överrepresenterade. botnät honeypot sandbox Computer Sciences Datavetenskap (datalogi)
6	HoneyRAN : A Medium-Interaction Honeypot for Radio Access Networks Mimicking a Command-Line Interface in a Baseband Unit / HoneyRAN : En medelinteraktion honungskruka för radioaccessnät som imiterar en kommandoradsgränssnitt i en basbandsenhet Cho, Daniel January 2021 (has links) There is a lack of understanding of the threat vectors and attacks in Radio Access Network (RAN) systems. In addition, there is a lack of knowledge in adversary behaviour and tactics in RAN. To gain an increased understanding of the threat landscape in RANs and potentially increase the overall security for RANs, this thesis project designed, implemented, and evaluated a honeypot for Ericsson’s RAN. Developing a suitable honeypot required an initial literature study of honeypots, RANs, and Long-Term Evolution (LTE) networks. In addition, previous research and work related to this topic were included in the literature study. The open-source Secure Shell Protocol (SSH) honeypot project, Cowrie, was used as a fundamental building block for the honeypot. Moreover, a high-level architecture of the honeypot system (HoneyRAN) was designed and used as a basis for the implementation process. For evaluating the honeypot, a penetration test was conducted in which an internal Ericsson penetration tester evaluated the honeypot. The Elasticsearch, Logstash, and Kibana (ELK) stack was utilised to facilitate log analysis. The results from the penetration test were better than expected and are promising as HoneyRAN achieved the three claimed goals/objectives: understanding adversarial behaviour and tactics, stalling the adversaries, and early detection of attacks. The outcome of the evaluation suggests that HoneyRAN is a good initial approach for increasing the overall security of RANs and that honeypots are an effective deception technique for stalling attackers. The conclusions from the evaluation of HoneyRAN are that HoneyRAN’s implementation using Cowrie achieved an essential desired outcome, namely realism, deception strategies are essential to implement deception techniques (such as honeypots) effectively, and the design and implementation choices of HoneyRAN provides a foundation for other solutions. / Det finns begränsad förståelse för hotvektorer och attacker i RAN system. Dessutom finns det även begränsad kunskap om fientlig beteende och taktiker som används i RAN. För att få en ökad förståelse för de hotbilderna som finns i RAN så designade, implementerade och utvärderade detta avhandlingsprojekt en så kallad honungskruka för Ericssons RAN. Att utveckla en lämplig honungskruka krävde en inledande litteraturstudie på honungskrukor, RAN, och LTE nätverk. I litteraturstudien krävdes det även att man utförde en forskning om tidigare forskning och arbeten relaterat till detta ämne. En översikt på de komponenter som behövdes för att implementera honungskrukan (HoneyRAN) skapades och användes som grund för implementeringsprocessen. För att utvärdera systemet genomfördes ett penetrationstest som utfördes av en intern penetrationstestare på Ericsson. ELK stack användes för att underlätta logganalys. Resultaten från penetrationstestet var bättre än förväntat och är lovande eftersom honungskrukan uppnådde de tre påstådda målen: att få en förståelse av fientlig beteende och taktik, att uppehålla motståndarna, och att upptäcka tidiga faser av attacker. Dessutom tyder resultatet på att HoneyRAN är ett bra första steg till att öka den övergripande säkerheten i RAN och att honungskrukor är en effektiv vilseledningsteknik för att uppehålla attackerare. Slutsatserna från utvärderingen av HoneyRAN är att användingen av Cowrie uppnådde en väsentlig faktor, nämligen att HoneyRAN ser realistisk ut, vilseledningsstrategier är viktiga för att kunna effektivt implementera en honungskruka, och designvalen som togs för implementeringen av Honey- RAN kan utgöra en grund för framtida lösningar att bygga vidare på. Honeypot HoneyRAN Medium Interaction Honeypot Cowrie SSH Honeypot RAN Honeypot RAN security Honungskruka HoneyRAN Medelinteraktion honungskruka Cowrie SSH honungskruka RAN honungskruka RAN säkerhet Computer Sciences Datavetenskap (datalogi)
7	Monitorování síťových útoků pomocí systémů honeypot / Monitoring of network attacks with honeypot systems Krula, Jiří January 2016 (has links) This thesis focuses on the topic of honeypots technology and their use for network attacks monitoring. It theoretically analyzes the honeypots and their variants honeynet and honeytoken. The practical part describes how to deploy two open source solutions of honeypot, Kippo and Dionaea. Kippo honeypot can be classified, despite its limitations, as a high interactive honeypot. This solution emulates the SSH service and it is primarily intended for the detection and capture of brute force attacks on the service. Dionaea is a honeypot designed primarily for capturing malware. It aims to capture malware in the trap using the vulnerabilities of offered and exposed network services with the aim to obtain a copy of the malware for subsequent analysis. Data obtained from the real deployment of the proposed solutions are presented and measures in relation to the SIEM instruments are proposed as well as improved security of the protected network.
8	Honeypots in network security Akkaya, Deniz, Thalgott, Fabien January 2010 (has links) <p>Day by day, more and more people are using internet all over the world. It is becoming apart of everyone’s life. People are checking their e-mails, surfing over internet, purchasinggoods, playing online games, paying bills on the internet etc. However, while performingall these things, how many people know about security? Do they know the risk of beingattacked, infecting by malicious software? Even some of the malicious software arespreading over network to create more threats by users. How many users are aware of thattheir computer may be used as zombie computers to target other victim systems? Astechnology is growing rapidly, newer attacks are appearing. Security is a key point to getover all these problems. In this thesis, we will make a real life scenario, using honeypots.Honeypot is a well designed system that attracts hackers into it. By luring the hackerinto the system, it is possible to monitor the processes that are started and running on thesystem by hacker. In other words, honeypot is a trap machine which looks like a realsystem in order to attract the attacker. The aim of the honeypot is analyzing, understanding,watching and tracking hacker’s behaviours in order to create more secure systems.Honeypot is great way to improve network security administrators’ knowledge and learnhow to get information from a victim system using forensic tools. Honeypot is also veryuseful for future threats to keep track of new technology attacks.</p> Honeypot hacking security forensic analysis of honeypots network Computer science Datavetenskap
9	Captura e análise de tráfego malicioso em ambientes VoIP utilizando um honeypot de baixa interatividade Vargas, Ivan Riboldi Jordão da Silva January 2013 (has links) Orientador: João Henrique Kleinschmidt / Dissertação (mestrado) - Universidade Federal do ABC. Programa de Pós-Graduação em Engenharia da Informação, 2013 HONEYPOT VOIP
10	Contributions of honeyports to network security Pepakayala, Sagar January 2007 (has links) <p>A honeypot is an attractive computer target placed inside a network to lure the attackers into it. There are many advantages of this technology, like, information about attacker's tools and techniques can be fingerprinted, malicious traffic can be diverted away from the real target etc. With the increased activity from the blackhat community day by day, honeypots could be an effective weapon in the</p><p>network security administrator's armor. They have been studied rigorously during the past few years as a part of the security</p><p>industry's drive to combat malicious traffic. While the whitehats are trying to make honeypots stealthier, blackhats are coming up with techniques to identify them (therefore nullifying any</p><p>further use) or worse, use them in their favor. The game is on. The goal of this thesis is to study different architectural issues regarding honeypot deployment, various stages in utilizing honeypots like forensic analysis etc. Other concepts like IDSs and firewalls which are used in conjunction with honeypots are also discussed, because security is about cooperation among different security components. In the security industry, it is customary for whitehats to watch what blackhats are doing and vice versa. So the thesis</p><p>discusses recent techniques to defeat honeypots and risks involved in deploying honeypots. Commercial viability of honeypots and business cases for outsourcing honeypot maintenance are presented. A great interest from the security community about honeypots has propelled the research and resulted in various new and innovative applications of honeypots. Some of these applications, which made an impact, are discussed. Finally, future directions in research in honeypot technology are perused.</p> Honeypot honeynet cyber-deception IDS Computer science Datavetenskap

Search results