A Pilot Study of Using Honeypots as Cyber Intelligence Sources

U. Bilstrup, M. Rosenberg

2013 European Intelligence and Security Informatics Conference. Publication date: 2013-08-12. DOI: 10.1109/EISIC.2013.56 (https://doi.org/10.1109/EISIC.2013.56)
Citations: 0

Abstract
A Pilot Study of Using Honeypots as Cyber Intelligence Sources
There will always be a security gap between our ability to secure our networks and the actual level of security needed. When securing our networks we need good intelligence to direct our efforts and focus on the right spots. We need to find those spots, and they can be found with the right tools. Survival time is a method that makes it possible to make decisions concerning information security risks based on true knowledge and hard facts, in a repeatable and scientific manner. The presented work aims to investigate the possibility of using the survival time of an unprotected system as an intelligence source and to measure the current survival time for a given unprotected system. By deploying a decoy, an unprotected system, data is captured and collected through port monitoring. The main focus lies on building a time curve presenting the estimated time for an unprotected public system to get detected on the Internet and the time that elapses from then until the system gets attacked.