Global ETD Search

1	State of the Art Botnet-Centric Honeynet Design Syers, John, III 16 January 2010 (has links) The problem of malware has escalated at a rate that security professionals and researchers have been unable to deal with. Attackers savage the information technology (IT) infrastructure of corporations and governments with impunity. Of particular significance is the rise of botnets within the past ten years. In response, honeypots and honeynets were developed to gain critical intelligence on attackers and ultimately to neutralize their threats. Unfortunately, the malware community has adapted, and strategies used in the early half of the decade have diminished significantly in their effectiveness. This thesis explores the design characteristics necessary to create a honeynet capable of reversing the current trend and defeating botnet countermeasures. This thesis finds that anti-virtual machine detection techniques along with appropriate failsafes are essential to analyze modern botnet binaries. honeynets honeypots botnets
2	Deceptive Environments for Cybersecurity Defense on Low-power Devices Kedrowitsch, Alexander Lee 05 June 2017 (has links) The ever-evolving nature of botnets have made constant malware collection an absolute necessity for security researchers in order to analyze and investigate the latest, nefarious means by which bots exploit their targets and operate in concert with each other and their bot master. In that effort of on-going data collection, honeypots have established themselves as a curious and useful tool for deception-based security. Low-powered devices, such as the Raspberry Pi, have found a natural home with some categories of honeypots and are being embraced by the honeypot community. Due to the low cost of these devices, new techniques are being explored to employ multiple honeypots within a network to act as sensors, collecting activity reports and captured malicious binaries to back-end servers for later analysis and network threat assessments. While these techniques are just beginning to gain their stride within the security community, they are held back due to the minimal amount of deception a traditional honeypot on a low-powered device is capable of delivering. This thesis seeks to make a preliminary investigation into the viability of using Linux containers to greatly expand the deception possible on low-powered devices by providing isolation and containment of full system images with minimal resource overhead. It is argued that employing Linux containers on low-powered device honeypots enables an entire category of honeypots previously unavailable on such hardware platforms. In addition to granting previously unavailable interaction with honeypots on Raspberry Pis, the use of Linux containers grants unique advantages that have not previously been explored by security researchers, such as the ability to defeat many types of virtual environment and monitoring tool detection methods. / Master of Science security deception honeypots containers
3	Exploring Extensions Of Traditional Honeypot Systems And Testing The Impact On Attack Profiling McGrew, Robert Wesley 10 December 2005 (has links) This thesis explores possibilities for extending the features of honeypot systems to decrease the chance of an attacker discovering that they have compromised a honeypot. It is proposed that by extending the period of time that an attacker spends on a honeypot oblivious to its status, more information relevant to profiling the attacker can be gained. Honeypots are computer systems that are deployed in a way that attackers can easily compromise them. These systems, which contain no production data, are useful both as early warning systems for attacks on production systems, and for studying the tools, techniques, and motives of attackers. Current honeypot systems mitigate the risks of running a honeypot by restricting out-bound traffic in a way that might be obvious to an attacker. The extensions proposed for honeypots will be tested in a controlled laboratory environment. Redirection Profiling Attack Honeypots Security
4	Implementing Honeypots to Build Risk Profiles for IoT Devices in a Home-Based Environment Kula, Michal Damian January 2021 (has links) Honeypots have been implemented in network security for years now, from the simplesystems where they could only mimic one vulnerable service and gather information aboutan intruder they have morphed in to advanced and complicated environments.Unfortunately, hackers have not left that untouched, and constantly try to detect honeypotsbefore being caught. This ongoing battle can be damaging to unexperienced internet users,who have no idea about securing devices in their small home-based network environment.The purpose of this research is to perform a technical study using IoT devices placed in a homeenvironment in a specially separated segment, and capture traffic between them and externalagents. This data is then analysed and used to build risk profiles of tested IoT devices aimingto provide security recommendations.The results indicate creating risk profiles for IoT devices could be used to gather more preciseinformation about external attacks and provide instant answer to what type of attacks couldbe generated against a selected IoT device. More development would be required to improvethis process, this includes redesign of the network and an automatic software-based toolcapable of generating risk profiles. IoT Honeypots Cyber Security Home-Based Honeypots Security Profiles Information Systems
5	Honeypots in network security Akkaya, Deniz, Thalgott, Fabien January 2010 (has links) <p>Day by day, more and more people are using internet all over the world. It is becoming apart of everyone’s life. People are checking their e-mails, surfing over internet, purchasinggoods, playing online games, paying bills on the internet etc. However, while performingall these things, how many people know about security? Do they know the risk of beingattacked, infecting by malicious software? Even some of the malicious software arespreading over network to create more threats by users. How many users are aware of thattheir computer may be used as zombie computers to target other victim systems? Astechnology is growing rapidly, newer attacks are appearing. Security is a key point to getover all these problems. In this thesis, we will make a real life scenario, using honeypots.Honeypot is a well designed system that attracts hackers into it. By luring the hackerinto the system, it is possible to monitor the processes that are started and running on thesystem by hacker. In other words, honeypot is a trap machine which looks like a realsystem in order to attract the attacker. The aim of the honeypot is analyzing, understanding,watching and tracking hacker’s behaviours in order to create more secure systems.Honeypot is great way to improve network security administrators’ knowledge and learnhow to get information from a victim system using forensic tools. Honeypot is also veryuseful for future threats to keep track of new technology attacks.</p> Honeypot hacking security forensic analysis of honeypots network Computer science Datavetenskap
6	Deployment of Low Interaction Honeypots in University Campus Network Chairetakis, Eleftherios, Alkudhir, Bassam, Mystridis, Panagiotis January 2013 (has links) Large scale networks face daily thousands of network attacks. No matter the strength of the existing security defending mechanisms, these networks remain vulnerable, as new tools and techniques are being constantly developed by hackers. A new promising technology that lures the attackers in order to monitor their malicious activities and divulge their intentions is emerging with Virtual Honeypots. In the present thesis, we examine an extensive security mechanism based on three different open source low interaction honeypots. We implement this mechanism at our university campus network in an attempt to identify the potential threats and methods used against our network. The data gathered by our honeypots reveal valuable information regarding the types of attacks, the vulnerable network services within the network and the malicious activities launched by attackers. low interaction honeypots deception university campus network network attacks
7	Intelligent Honeypot Agents for Detection of Blackhole Attack in Wireless Mesh Networks Prathapani, Anoosha January 2010 (has links) No description available. Electrical Engineering AODV BLACKHOLE HONEYPOTS MALICIOUS SPOOFED WIRELESS MESH NETWORKS
8	An evaluation of Honeypots with Compliant Kubernetes Eriksson, Oscar January 2023 (has links) This thesis evaluates different honeypot technologies and how they can be integrated into Compliant Kubernetes (CK8s), a secure open-source distribution of Kubernetes designed to address various compliance and regulatory requirements. The thesis identifies and compares the features, metrics, and suitability of several candidate honeypots for CK8s based on a literature survey and experimental testing. The thesis also discusses the value and challenges of using honeypots in cloud environments and the legal and ethical issues involved. The main findings of the thesis are that ContainerSSH is the most mature, user-friendly, and Kubernetes-compatible honeypot among the candidates, and that honeypots can provide useful threat intelligence and security awareness for cloud systems. honeypots Kubernetes cloud security compliance Computer Sciences Datavetenskap (datalogi)
9	SAMARA SOCIEDADE DE AGENTES PARA A MONITORAÇÃO DE ATAQUES E RESPOSTAS AUTOMATIZADAS / SAMARA SOCIETY OF AGENTS FOR THE MONITORING OF ATTACKS AND AUTOMATIZED ANSWERS OLIVEIRA, Antonio Alfredo Pires 17 June 2005 (has links) Made available in DSpace on 2016-08-17T14:52:58Z (GMT). No. of bitstreams: 1 Antonio Alfredo Pires Oliveira.pdf: 8225871 bytes, checksum: c2e6155a7365443f49c0172bf39c5dac (MD5) Previous issue date: 2005-06-17 / The traditional security techniques applied in computer networks try to block attacks (using firewalls) or to detect them as soon as they happen (using Intrusion Detection Systems). Both are of recognized value, however, they have limitations. In that sense, there is to innovate as for techniques and defense tactics, as well as the tools and technologies that complement the traditional mechanisms applied in network and computer security. One of these solutions have been using honeypots (networks traps) to collect information, motives, tactics and tools used in malicious network activities and distributed systems. This research work introduce an architecture for automated incident response, called SAMARA, based on honeypots and intelligent agents, created to support the functional requisites of decoy server and honeynet agents proposed for NIDIA Project Network Intrusion Detection System based on Intelligent Agents [18], but that can be adjust to others detection, prevention and reaction approaches of security incidents in network and distributed systems. / As técnicas tradicionais de segurança aplicadas em redes de computadores tentam bloquear ataques (utilizando firewalls) ou detectá- los assim que eles ocorrem (utilizando Sistemas de Detecção de Intrusos). Ambas são de reconhecido valor, porém, têm seus limites. Nesse sentido, há que se inovar em relação às técnicas e táticas de defesas, bem como em ferramentas e tecnologias que complementem os mecanismos tradicionais aplicados em segurança de redes e computadores. Uma dessas soluções tem sido o uso de honeypots (armadilhas de redes) na coleta de informações, motivos, táticas e ferramentas utilizadas em atividades maliciosas em redes e sistemas distribuídos. Este trabalho introduz a arquitetura de respostas automatizadas a incidentes de segurança, denominada SAMARA, que é baseada em honeypots e agentes inteligentes, concebida para atender os requisitos funcionais dos agentes decoy server e honeynet propostos para o Projeto NIDIA Network Intrusion Detection System based on Intelligent Agents [18], mas que pode se ajustar a outras abordagens de detecção e prevenção e reação a incidentes de segurança em redes e sistemas distribuídos. Segurança de Redes Armadilhas de Redes Honeypots Honeynet Agentes Inteligentes Network Security Network Traps Honeypots Honeynet Intelligent Agents
10	Collaborative intrusion prevention Chung, Pak Ho 02 June 2010 (has links) Intrusion Prevention Systems (IPSs) have long been proposed as a defense against attacks that propagate too fast for any manual response to be useful. While purely-network-based IPSs have the advantage of being easy to install and manage, research have shown that this class of systems are vulnerable to evasion [70, 65], and can be tricked into filtering normal traffic and create more harm than good [12, 13]. Based on these researches, we believe information about how the attacked hosts process the malicious input is essential to an effective and reliable IPS. In existing IPSs, honeypots are usually used to collect such information. The collected information will then be analyzed to generate countermeasures against the observed attack. Unfortunately, techniques that allow the honeypots in a network to be identified ([5, 71]) can render these IPSs useless. In particular, attacks can be designed to avoid targeting the identified honeypots. As a result, the IPSs will have no information about the attacks, and thus no countermeasure will ever be generated. The use of honeypots is also creating other practical issues which limit the usefulness/feasibility of many host-based IPSs. We propose to solve these problems by duplicating the detection and analysis capability on every protected system; i.e., turning every host into a honeypot. / text Intrusion Prevention Systems IPS Honeypots Network-based Host-based Attacks Networks Protected systems

Search results