
A honeypot is mainly used to simulate a variety of services and vulnerabilities in order to induce attacks, record the attack data, and back up the logs remotely in real time. In the active defense system, the honeypot's induction strategy and deception strategy management module can also be adjusted according to log analysis. The honeypot process is shown in Figure 2.

Figure 2. Honeypot Process

The IDS monitors the network. When it sees suspicious behavior, it stamps the data packet with a "suspicious agreement chapter." The packet then enters the induction module, which analyzes the packets that carry this stamp. When the induction module's knowledge base identifies the packet as a hacking attack or illegal operation, it is sent to the cheat network; otherwise it is identified as a normal visit and sent to the inner network. The cheat network provides the illusion of a normal working system and monitors the visitor, recording its operations and sending them to a remote log. Finally, if no intrusion is found, the analysis module updates the knowledge database; if there is an intrusion, its operations are analyzed to further improve internal network security.
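The Figure 2 flow described above, sketched as a small simulation. This is an added example, not code from the paper: the class and field names, trigger patterns, operation labels and sample traffic are constructed, and treating "no intrusion found" as removal of the matched pattern from the knowledge base is an assumed reading of how the analysis module updates it.

```python
from dataclasses import dataclass, field
INTRUSIVE_OPS = {"read_shadow", "add_user"}  # constructed operation labels

@dataclass
class Packet:
    src: str
    payload: str
    stamped: bool = False  # the IDS "suspicious" stamp

@dataclass
class ActiveDefense:
    ids_triggers: set    # coarse IDS patterns (constructed)
    knowledge_base: set  # patterns the induction module treats as attacks
    remote_log: list = field(default_factory=list)
    hardening: list = field(default_factory=list)

    def handle(self, pkt, ops=()):
        # IDS: stamp packets that show suspicious behaviour.
        pkt.stamped = any(t in pkt.payload for t in self.ids_triggers)
        # Induction module: only stamped packets are checked against the knowledge base.
        hits = {p for p in self.knowledge_base if p in pkt.payload} if pkt.stamped else set()
        if not hits:
            return "inner"  # normal visit goes to the inner network
        self.cheat_session(pkt, hits, ops)
        return "cheat"

    def cheat_session(self, pkt, hits, ops):
        # The decoy records every operation and ships it to the remote log.
        self.remote_log.extend((pkt.src, op) for op in ops)
        if INTRUSIVE_OPS & set(ops):
            # Intrusion confirmed: keep the findings for hardening the inner network.
            self.hardening.append((pkt.src, sorted(hits)))
        else:
            # No intrusion found: update the knowledge base (drop the false positive).
            self.knowledge_base -= hits

SAMPLES = [  # constructed: (source, payload, operations observed in the decoy)
    ("203.0.113.7", "GET /../../etc/passwd", ["read_shadow", "add_user"]),
    ("198.51.100.4", "GET /admin/help.html", ["view_page"]),
    ("198.51.100.9", "GET /admin/help.html", ["view_page"]),
    ("192.0.2.10", "GET /index.html", []),
]

def demo():
    d = ActiveDefense({"passwd", "admin"}, {"/etc/passwd", "admin"})
    return [d.handle(Packet(s, p), ops) for s, p, ops in SAMPLES], d

if __name__ == "__main__":
    print(demo()[0])
```

The third sample is still stamped by the IDS but reaches the inner network, because the second session's benign outcome removed the over-broad pattern from the knowledge base.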
2010 International Conference on Computer Application and System Modeling (ICCASM 2010)

The cheat network prototype is built with a honeypot. When an intruder enters the deception network, an attacker who can easily tell that it is a trap will exit the system, which makes it impossible to obtain first-hand information for research. Therefore the honeypot design uses a layer-2 gateway together with IP space deception technology, so that, at the lowest cost, intruders cannot recognize that this is a cheat system. Since the bridge has no IP protocol stack, it has no IP address, does not route traffic and does not decrement the TTL, so it is difficult for an intruder to detect the bridge, and the intruder will never know that they are being analyzed and monitored. All traffic must pass through the gateway, which means that a single gateway device can fully control and capture the communication data. The rc.firewall and snort.sh configuration scripts on the bridge implement the Honeynet firewall and IDS connection control, together with the firewall logging and IDS logging functions.

The gateway has three network interfaces, A, B and C. Interface A is connected to the external firewall and receives the redirected incoming network connections that are suspicious or real intrusions; interface B is used for Honeynet internal network management, remote logging and other functions; interface C is connected to the honeypot hosts and is used by the network-based IDS to record intrusions in the Honeynet in real time. As needed, traffic simulation software can be run on the bridge, and the simulated traffic is used to lull intruders.

Logs are the most valuable information in a honeypot. The purpose of establishing a honeypot is to obtain information about the intruder, and that information is obtained by analyzing the recorded logs. The honeypot system uses the network IDS to record all traffic in the network, and the data it records is of vital importance for browsing and analysis.