Hybrid honeypot framework for malware collection and analysis

Abstract

The popularity of the Internet is rising day by day, hence the security is becoming the main focused point with the advent and rising popularity of the Internet. In this paper we are proposing an integrated framework of malware collection and analysis using both of the technologies called server honeypots and client honeypots. As the server honeypots enable us to provide the deep understanding of the server side attacks whereas client honeypots enable us to provide the deep understandings of client side attacks. During our research on honeypot technologies, our main goal was to do the analysis of collected malwares from honeypots and for this we need the malwares samples from both the honeypots known as client and server honeypots. By using this integrated framework we are able to collect both types of attacks vectors. Here we are presenting malware collection and detection using both of the honeypot technologies known as client and server Honeypots. We introduce the design and implement of this system and give the results.