Abstract
New threats emerge from the Internet every day and need to be analyzed in order to prepare protection against them. Various honeypots combined into honeynets are the most efficient tool to lure, detect and analyze threats from the Internet. The paper presents recent results from a honeynet made of Dionaea (emulating Windows services), Kippo (emulating Linux services) and Glastopf (emulating website services) honeypots. The most important result is that the differentiation among honeypots according to their IP address is relatively rough (two categories, i.e. academic and commercial networks, are usually distinguished, but the type of services in commercial sites is taken into account, too). Comparison of the results to other similar honeynets confirms the validity of the paper's main conclusions.
Acknowledgment
The publication was supported by the project Fuzzy modeling tools for adaptive search burdened with indeterminacy and system behavior prediction of the Student Grant Competition of the University of Ostrava. Thanks go to the Center of Information Technologies of the University of Ostrava, and to Spojena skola in Kysucke Nove Mesto for providing the connection for research honeypots. Thanks are also expressed to the Institute of Informatics of the Silesian University of Technology, the Polish Chapter of The Honeynet Project and CERT-PL for providing the data, and to The Honeynet Project, Czech Chapter, for consulting.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Sochor, T., Zuzcak, M. (2015). Attractiveness Study of Honeypots and Honeynets in Internet Threat Detection. In: Gaj, P., Kwiecień, A., Stera, P. (eds) Computer Networks. CN 2015. Communications in Computer and Information Science, vol 522. Springer, Cham. https://doi.org/10.1007/978-3-319-19419-6_7
DOI: https://doi.org/10.1007/978-3-319-19419-6_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19418-9
Online ISBN: 978-3-319-19419-6
eBook Packages: Computer Science, Computer Science (R0)