Detecting New and Unknown Malwares Using Honeynet

Szczepanik, Michał; Jóźwiak, Ireneusz

doi:10.1007/978-3-642-14989-4_17

Detecting New and Unknown Malwares Using Honeynet

Michał Szczepanik⁴ &
Ireneusz Jóźwiak⁴

Chapter

766 Accesses

Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 80))

Abstract

The importance of network security is rapidly increasing as more and more business is conducted via these systems. The proposed honeynet system can be used to detect bots or malware based on the evaluation of events occurring within a computer network. A honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized access to information systems. A honeynet (a network consisting of 2 or more honeypots) is used for surveillance of larger or more diverse networks for which one honeypot may not be sufficient. Honeynets are fast emerging as an indispensible forensic tool for the analysis of malicious network traffic. Honeypots can be considered to be traps for hackers and intruders and are generally deployed complimentary to Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in a network. Proposed system would be capable of providing cures for new fatal viruses which have not yet been discovered by security firms.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Piotrowski, M.: The protection of computer networks through technology honeypot (2007) (in Polish)
Google Scholar
Rush, M., Orebaugh, A., Clark, G., Pinkard, B., Babbin, J.: Intrusion Prevention and Active Response - Deploying Network and Host IPS (2005)
Google Scholar
Erickson, J.: Hacking: The Art of Exploitation (2008)
Google Scholar
Holz, T., Dornseif M.: Hands on Honeypot Technology (Black Hat 2005), blackhat.com
Auerbach, O.: AVIRA, Evolution from a Honeypot to a distributed Honeynet
Google Scholar
Ahmadi, M., Wong, S.: A Cache Architecture for Counting Bloom Filters. In: 15th International Conference on Networks ICON 2007 (2007)
Google Scholar
Karamcheti, V.: Detecting Malicious Network Traffic, Using Inverse Distributions of Packet Contents. In: SIGCOMM 2005 Workshops, Philadelphia, PA, USA, August 22-26 (2005)
Google Scholar

Download references

Author information

Authors and Affiliations

Institute of Informatics, Wrocław University of Technology, Poland
Michał Szczepanik & Ireneusz Jóźwiak

Authors

Michał Szczepanik
View author publications
You can also search for this author in PubMed Google Scholar
Ireneusz Jóźwiak
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Institute of Informatics, Wroclaw University of Technology, Wyb. Wyspianskiego 27, 50-370, Wroclaw, Poland
Ngoc Thanh Nguyen & Aleksander Zgrzywa &
Multimedia Systems Department, Gdansk University of Technology, ul. Narutowicza 11/12, 80-233, Gdansk, Poland
Andrzej Czyżewski

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Szczepanik, M., Jóźwiak, I. (2010). Detecting New and Unknown Malwares Using Honeynet. In: Nguyen, N.T., Zgrzywa, A., Czyżewski, A. (eds) Advances in Multimedia and Network Information System Technologies. Advances in Intelligent and Soft Computing, vol 80. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14989-4_17

Download citation

DOI: https://doi.org/10.1007/978-3-642-14989-4_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14988-7
Online ISBN: 978-3-642-14989-4
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics