
Using Sports Plays to Configure Honeypots Environments to form a Virtual Security Shield

  • Tyrone S. Toland (Email author)
  • Sebastian Kollmannsperger
  • J. Bernard Brewton
  • William B. Craft
Chapter

Abstract

Unauthorized access to information continues to be a challenging problem, especially in a time where cyber-attacks are on the rise. Current security measures (e.g., access control systems, firewalls, intrusion detection systems) alone are not sufficient to protect the information technology (IT) infrastructure from a resourceful malicious attacker. This chapter presents a novel approach to configure a honeypot environment using football play formations to form a Virtual Security Shield (VSS). We show how VSS can be used to simulate moving a honeypot to different locations in the network to generate valuable information about a malicious attacker. This information can be used to prevent future unauthorized access to an infrastructure. We also provide results from a proof of concept experiment.

Notes

Acknowledgements

The authors would like to thank Dr. Frank Li, Dr. Jerome Lewis, and Dr. Bernard Omolo for their support in using the Networking Lab in the Division of Mathematics and Computer Science. The authors would also like to thank the reviewers for their invaluable feedback.

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Tyrone S. Toland (1), Email author
  • Sebastian Kollmannsperger (1)
  • J. Bernard Brewton (2)
  • William B. Craft (1)

  1. University of South Carolina Upstate, Spartanburg, USA
  2. City of Spartanburg, Spartanburg, USA
