{"title":"秘密发现黑客:预测蜜罐系统的指纹攻击","authors":"N. Naik, Paul Jenkins","doi":"10.1109/SYSENG.2018.8544408","DOIUrl":null,"url":null,"abstract":"Cybersecurity is becoming increasingly challenging due to escalating security attacks on networks. A honeypot system is an effective entrapment mechanism for collecting information about these attacks and attackers. Nonetheless, one of the biggest risks to the honeypot system is the possibility of being fingerprinted by an attacker. As a consequence of the fingerprinting, the identity of the honeypot system could be revealed or it could be transformed into a bot to attack others. Several efficacious methods are proposed to fingerprint the honeypot system or to prevent it. However, there is no method available that can identify and predict fingerprinting in real-time, to save the honeypot system. Therefore, this paper proposes a technique to identify and predict fingerprinting attacks on the honeypot system in real-time. This technique is based on the fingerprinting process which necessitates a series of events by the attacker and by analysing these events contemporaneously, it is feasible to identify and predict the fingerprinting attack on the honeypot system. For the development of this technique, a popular honeypot tool KFSensor and fingerprinting tools Nmap and Xprobe2 are utilised to collect fingerprint data relating to the honeypot system. This data is analysed to detect the various attack techniques used by popular fingerprinting tools to propose a solution.","PeriodicalId":192753,"journal":{"name":"2018 IEEE International Systems Engineering Symposium (ISSE)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Discovering Hackers by Stealth: Predicting Fingerprinting Attacks on Honeypot Systems\",\"authors\":\"N. Naik, Paul Jenkins\",\"doi\":\"10.1109/SYSENG.2018.8544408\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cybersecurity is becoming increasingly challenging due to escalating security attacks on networks. A honeypot system is an effective entrapment mechanism for collecting information about these attacks and attackers. Nonetheless, one of the biggest risks to the honeypot system is the possibility of being fingerprinted by an attacker. As a consequence of the fingerprinting, the identity of the honeypot system could be revealed or it could be transformed into a bot to attack others. Several efficacious methods are proposed to fingerprint the honeypot system or to prevent it. However, there is no method available that can identify and predict fingerprinting in real-time, to save the honeypot system. Therefore, this paper proposes a technique to identify and predict fingerprinting attacks on the honeypot system in real-time. This technique is based on the fingerprinting process which necessitates a series of events by the attacker and by analysing these events contemporaneously, it is feasible to identify and predict the fingerprinting attack on the honeypot system. For the development of this technique, a popular honeypot tool KFSensor and fingerprinting tools Nmap and Xprobe2 are utilised to collect fingerprint data relating to the honeypot system. This data is analysed to detect the various attack techniques used by popular fingerprinting tools to propose a solution.\",\"PeriodicalId\":192753,\"journal\":{\"name\":\"2018 IEEE International Systems Engineering Symposium (ISSE)\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE International Systems Engineering Symposium (ISSE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SYSENG.2018.8544408\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Systems Engineering Symposium (ISSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYSENG.2018.8544408","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Discovering Hackers by Stealth: Predicting Fingerprinting Attacks on Honeypot Systems
Cybersecurity is becoming increasingly challenging due to escalating security attacks on networks. A honeypot system is an effective entrapment mechanism for collecting information about these attacks and attackers. Nonetheless, one of the biggest risks to the honeypot system is the possibility of being fingerprinted by an attacker. As a consequence of the fingerprinting, the identity of the honeypot system could be revealed or it could be transformed into a bot to attack others. Several efficacious methods are proposed to fingerprint the honeypot system or to prevent it. However, there is no method available that can identify and predict fingerprinting in real-time, to save the honeypot system. Therefore, this paper proposes a technique to identify and predict fingerprinting attacks on the honeypot system in real-time. This technique is based on the fingerprinting process which necessitates a series of events by the attacker and by analysing these events contemporaneously, it is feasible to identify and predict the fingerprinting attack on the honeypot system. For the development of this technique, a popular honeypot tool KFSensor and fingerprinting tools Nmap and Xprobe2 are utilised to collect fingerprint data relating to the honeypot system. This data is analysed to detect the various attack techniques used by popular fingerprinting tools to propose a solution.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
