低交互蜜罐入侵检测系统在医疗机构信息安全中的应用

International Journal of Security and Its Applications Pub Date : 2017-09-30 DOI:10.14257/IJSIA.2017.11.9.07

Aastha Yadav, Sarthak Raisurana, H. Balaji, P. Lalitha, Ronnie D. Caytiles, N. Iyengar

{"title":"低交互蜜罐入侵检测系统在医疗机构信息安全中的应用","authors":"Aastha Yadav, Sarthak Raisurana, H. Balaji, P. Lalitha, Ronnie D. Caytiles, N. Iyengar","doi":"10.14257/IJSIA.2017.11.9.07","DOIUrl":null,"url":null,"abstract":"Healthcare Organizations have seen an alarming rise in cyber-attacks in the recent years. One way a hacker could get control was by breaking into a medical network to gain access over the active medical devices that patients rely on for their survival. Our network model proposes a low-interaction and a medium-interaction honeypot based intrusion detection system using Dionaea and Kippo SSH to secure our internal network and study the activities of the intruders. We also look at a possible Metasploit attack and Brute force attack logged by Dionaea and Kippo SSH which prepares the Malware Analysis report of the suspicious file downloaded.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Information Security in Healthcare Organizations using Low-Interaction Honeypot Intrusion Detection System\",\"authors\":\"Aastha Yadav, Sarthak Raisurana, H. Balaji, P. Lalitha, Ronnie D. Caytiles, N. Iyengar\",\"doi\":\"10.14257/IJSIA.2017.11.9.07\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Healthcare Organizations have seen an alarming rise in cyber-attacks in the recent years. One way a hacker could get control was by breaking into a medical network to gain access over the active medical devices that patients rely on for their survival. Our network model proposes a low-interaction and a medium-interaction honeypot based intrusion detection system using Dionaea and Kippo SSH to secure our internal network and study the activities of the intruders. We also look at a possible Metasploit attack and Brute force attack logged by Dionaea and Kippo SSH which prepares the Malware Analysis report of the suspicious file downloaded.\",\"PeriodicalId\":46187,\"journal\":{\"name\":\"International Journal of Security and Its Applications\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Security and Its Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.14257/IJSIA.2017.11.9.07\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Security and Its Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14257/IJSIA.2017.11.9.07","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

近年来，医疗保健组织的网络攻击数量惊人地增加。黑客获得控制权的一种方法是闯入医疗网络，访问患者赖以生存的活跃医疗设备。我们的网络模型提出了一个基于低交互和中等交互蜜罐的入侵检测系统，该系统使用Dioaea和Kippo SSH来保护我们的内部网络并研究入侵者的活动。我们还查看了Dioaea和Kippo SSH记录的可能的Metasploit攻击和Brute force攻击，该SSH准备下载的可疑文件的恶意软件分析报告。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Information Security in Healthcare Organizations using Low-Interaction Honeypot Intrusion Detection System

Healthcare Organizations have seen an alarming rise in cyber-attacks in the recent years. One way a hacker could get control was by breaking into a medical network to gain access over the active medical devices that patients rely on for their survival. Our network model proposes a low-interaction and a medium-interaction honeypot based intrusion detection system using Dionaea and Kippo SSH to secure our internal network and study the activities of the intruders. We also look at a possible Metasploit attack and Brute force attack logged by Dionaea and Kippo SSH which prepares the Malware Analysis report of the suspicious file downloaded.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Security and Its Applications COMPUTER SCIENCE, INFORMATION SYSTEMS-

自引率

0.00%

发文量

期刊介绍： IJSIA aims to facilitate and support research related to security technology and its applications. Our Journal provides a chance for academic and industry professionals to discuss recent progress in the area of security technology and its applications. Journal Topics: -Access Control -Ad Hoc & Sensor Network Security -Applied Cryptography -Authentication and Non-repudiation -Cryptographic Protocols -Denial of Service -E-Commerce Security -Identity and Trust Management -Information Hiding -Insider Threats and Countermeasures -Intrusion Detection & Prevention -Network & Wireless Security -Peer-to-Peer Security -Privacy and Anonymity -Secure installation, generation and operation -Security Analysis Methodologies -Security assurance -Security in Software Outsourcing -Security products or systems -Security technology -Systems and Data Security