Collection and analysis of attack data based on honeypots deployed on the Internet

  • E. Alata
  • M. Dacier
  • Y. Deswarte
  • M. Kaaâniche
  • K. Kortchinsky
  • V. Nicomette
  • V. H. Pham
  • F. Pouget
Conference paper

DOI: 10.1007/978-0-387-36584-8_7

Part of the Advances in Information Security book series (ADIS, volume 23)
Cite this paper as:
Alata E. et al. (2006) Collection and analysis of attack data based on honeypots deployed on the Internet. In: Gollmann D., Massacci F., Yautsiukhin A. (eds) Quality of Protection. Advances in Information Security, vol 23. Springer, Boston, MA

Abstract

The CADHo project (Collection and Analysis of Data from Honeypots) is an ongoing research action funded by the French ACI “Securiteé & Informatique” [1]. It aims at building an environment to better understand threats on the Internet and also at providing models to analyze the observed phenomena. Our approach consists in deploying and sharing with the scientific community a distributed platform based on honeypots that gathers data suitable to analyze the attack processes targeting machines connected to the Internet. This distributed platform, called Leurreé.com and administrated by Institut Eurecom, offers each partner collaborating to this initiative access to all collected data in order to carry out statistical analyzes and modeling activities. So far, about thirty honeypots have been operational for several months in twenty countries of the five continents. This paper presents a brief overview of this distributed platform and examples of results derived from the data. It also outlines the approach investigated to model observed attack processes and to describe the intruders behaviors once they manage to get access to a target machine.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer Science+Business Media, LLC. 2006

Authors and Affiliations

  • E. Alata
    • 1
  • M. Dacier
    • 2
  • Y. Deswarte
    • 1
  • M. Kaaâniche
    • 1
  • K. Kortchinsky
    • 3
  • V. Nicomette
    • 1
  • V. H. Pham
    • 2
  • F. Pouget
    • 2
  1. 1.LAAS-CNRSToulouse Cedex 4France
  2. 2.EurecomSophia Antipolis CedexFrance
  3. 3.CERT-RENATERParisFrance

Personalised recommendations