
A Network Telescope for Early Warning Intrusion Detection

  • Panos Chatziadam
  • Ioannis G. Askoxylakis
  • Alexandros Fragkiadakis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8533)

Abstract

Proactive cyber-security tools provide basic protection, as today’s cyber-criminals utilize legitimate traffic to perform attacks and quite often remain concealed until it is too late. As critical resources hidden behind layers of cyber-defenses can still become compromised, with potentially catastrophic consequences, it is of paramount significance to be able to identify cyber-attacks and prepare a proper defense as early as possible. In this paper we go over the architecture, deployment and usefulness of a distributed network of honeypots that relies on darknets to obtain its data. As we have envisioned that such a system has the potential to detect large-scale events as early as possible, we have adopted the name Early Warning Intrusion System (EWIS).

Keywords

Human aspects of intelligence-driven cybersecurity 

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Panos Chatziadam (1)
  • Ioannis G. Askoxylakis (1)
  • Alexandros Fragkiadakis (1)

  1. Institute of Computer Science, Foundation for Research & Technology – Hellas (FORTH), FORTHcert, Greece
