XT-Pot:暴露蜜罐攻击的威胁类别

Proceedings of the 2021 International Conference on Engineering and Information Technology for Sustainable Industry Pub Date : 2020-09-28 DOI:10.1145/3429789.3429868

Ryandy Djap, Charles Lim, Kalpin Erlangga Silaen

{"title":"XT-Pot:暴露蜜罐攻击的威胁类别","authors":"Ryandy Djap, Charles Lim, Kalpin Erlangga Silaen","doi":"10.1145/3429789.3429868","DOIUrl":null,"url":null,"abstract":"As organization infrastructure is getting more complex to support its business, cyber security threat monitoring on the infrastructure for the emerging threats becomes essential. Honeypot, a decoy system, when properly deployed in the organization's network provides valuable insight into the behavior of attacker to the organization. In this research, we propose a generic framework to analyze and categorize threats collected from honeypots. These threat categories become the building block of threat intelligence to be shared used by security analyst in handling security incidents.","PeriodicalId":416230,"journal":{"name":"Proceedings of the 2021 International Conference on Engineering and Information Technology for Sustainable Industry","volume":"79 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"XT-Pot: eXposing Threat Category of Honeypot-based attacks\",\"authors\":\"Ryandy Djap, Charles Lim, Kalpin Erlangga Silaen\",\"doi\":\"10.1145/3429789.3429868\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As organization infrastructure is getting more complex to support its business, cyber security threat monitoring on the infrastructure for the emerging threats becomes essential. Honeypot, a decoy system, when properly deployed in the organization's network provides valuable insight into the behavior of attacker to the organization. In this research, we propose a generic framework to analyze and categorize threats collected from honeypots. These threat categories become the building block of threat intelligence to be shared used by security analyst in handling security incidents.\",\"PeriodicalId\":416230,\"journal\":{\"name\":\"Proceedings of the 2021 International Conference on Engineering and Information Technology for Sustainable Industry\",\"volume\":\"79 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2021 International Conference on Engineering and Information Technology for Sustainable Industry\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3429789.3429868\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 International Conference on Engineering and Information Technology for Sustainable Industry","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3429789.3429868","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

摘要

随着组织基础设施变得越来越复杂以支持其业务，对基础设施进行网络安全威胁监控以应对新出现的威胁变得至关重要。蜜罐，一个诱饵系统，当适当地部署在组织的网络中，为组织提供有价值的洞察攻击者的行为。在这项研究中，我们提出了一个通用框架来分析和分类从蜜罐收集的威胁。这些威胁类别成为安全分析人员在处理安全事件时共享的威胁情报的组成部分。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

XT-Pot: eXposing Threat Category of Honeypot-based attacks

As organization infrastructure is getting more complex to support its business, cyber security threat monitoring on the infrastructure for the emerging threats becomes essential. Honeypot, a decoy system, when properly deployed in the organization's network provides valuable insight into the behavior of attacker to the organization. In this research, we propose a generic framework to analyze and categorize threats collected from honeypots. These threat categories become the building block of threat intelligence to be shared used by security analyst in handling security incidents.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2021 International Conference on Engineering and Information Technology for Sustainable Industry

自引率

0.00%

发文量