
iv. Execute the auto-run shell script to push the honeyd log data into the database. This will be invoked by cron.

v. Log in to the web interface to view the attack patterns and analyse the data for extraction of a good quality signature.

To enable the Security Administrator to select the suspicious data, the web GUI has the following features:

i) Ability to display packet information from the database.
ii) Ability to display real-time network traffic from data stored in the database, as well as historical traffic statistics.
iii) Display of the ports that were attacked within a certain time range.
iv) The main scenario: which remote IP addresses were "visited" by the honeypot in a certain time range. Here it is possible to specify a port number to show activity on a specific port.
v) A textual hit statistic over a certain time range. By specifying an IP or a port number it is possible to focus on specific events.

iii. Signature Extraction: The graphical interface supports applying the LCS algorithm to the data of interest, whereas present systems apply the LCS algorithm to the whole data. The process of finding attack signatures is not fully automated; it also depends upon the security administrator's (SA) wisdom and experience. The SA can choose the traffic on which the LCS algorithm is to be applied. The resulting precise signature will give fewer false positives and false negatives. The steps followed for finding a good quality attack signature are as follows:

a. Identify the data of interest from the database by looking at the web GUI. This is the description of the signature extraction technique: detecting the intruder from the graphical web interface.
b. Analyze combined data from the different data sources, that is, the honeypot and Tcpdump.

For each received packet, initiate the following sequence of activities:

i) Identify data of interest (i.e. of significance) from the database by looking at the web GUI.
ii) Analyze data from the sources, i.e. the honeypot and Tcpdump.

LEGAL ISSUES PERTAINING TO HONEYPOT:

Most of the research found in this area concluded that there are two major legal spectrums to consider for honeypots:

1. ENTRAPMENT: Entrapment is when somebody induces the criminal to do something he was not otherwise supposed to do. Honeypots should generally be used as a defensive detective tool, not as an offensive approach to luring intruders.
2. PRIVACY: The second major concern is what information is being tracked: operational data and transactional data. Operational data includes things like addresses of the user, header information etc., while transactional data includes key strokes, pages visited, information downloaded, chat records, e-mails etc.

Operational data is safe to track without security concerns because IDS systems, routers and firewalls already track it. The major concern is transactional data.
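
The Signature Extraction step described earlier (applying LCS only to the traffic the SA selects by port and time range, rather than to the whole data) can be illustrated as follows. This is an added example, not code from the original document; it assumes LCS means longest common substring, and the row layout, function names and payloads are constructed for illustration.

```python
# Added example: LCS is assumed to mean "longest common substring".
# ROWS is constructed sample data; the (time, src_ip, dst_port, payload)
# layout is a hypothetical stand-in for the honeyd log table.
ROWS = [
    (1000, "192.0.2.10", 80, b"GET /scripts/check.cgi?probe=AAAA1 HTTP/1.0\r\n"),
    (1010, "192.0.2.11", 80, b"GET /scripts/check.cgi?probe=AAAA27 HTTP/1.0\r\n"),
    (1025, "198.51.100.7", 80, b"GET /scripts/check.cgi?probe=AAAA9 HTTP/1.1\r\n"),
    (1030, "203.0.113.5", 21, b"USER anonymous\r\n"),
    (1031, "203.0.113.5", 21, b"PASS guest@\r\n"),
    (5000, "203.0.113.9", 80, b"GET /index.html HTTP/1.1\r\n"),
]


def select_payloads(rows, port=None, t_start=0, t_end=float("inf")):
    """Mimic the GUI filters: optional port and time range."""
    return [p for ts, _src, dport, p in rows
            if (port is None or dport == port) and t_start <= ts <= t_end]


def longest_common_substring(payloads):
    """Longest byte string present in every payload (leftmost on ties).

    Brute force over substrings of the shortest payload; fine for a handful
    of short payloads, a suffix tree is the usual choice at scale.
    """
    ref = min(payloads, key=len)
    for length in range(len(ref), 0, -1):
        for start in range(len(ref) - length + 1):
            cand = ref[start:start + length]
            if all(cand in p for p in payloads):
                return cand
    return b""


def extract_signature(payloads, min_len=10):
    """Return a candidate signature, or None if too few samples or too short."""
    if len(payloads) < 2:
        return None
    sig = longest_common_substring(payloads)
    return sig if len(sig) >= min_len else None


if __name__ == "__main__":
    print("whole data:", extract_signature(select_payloads(ROWS)))
    print("port 80, t=1000..1100:",
          extract_signature(select_payloads(ROWS, 80, 1000, 1100)))
```

On the whole data set the only common substring is the line terminator, so no signature is produced; selecting port 80 without a time range leaves only the generic ` HTTP/1.` fragment, which would match ordinary traffic if used as a signature.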
  • Fall '19
  • sir kashif