A Detailed Analysis of Intruders’ Activities in the Network Through the Real-Time Virtual Honeynet Experimentation

  • Conference paper
Artificial Intelligence and Evolutionary Computations in Engineering Systems

Abstract

The menace of attackers on the network has been unstoppable for the past two decades. Security practitioners and researchers are devising mechanisms to safeguard the network and its components, yet attackers still emerge with cutting-edge technologies to disrupt the intentions of legitimate users in the network. Thus, before devising proper defensive mechanisms against a specific attack, it is essential to understand the motive and strategies of the attackers clearly. This paper presents a virtual honeynet framework that records all of the attackers’ activities and analyzes the strategies, tools, and mechanisms followed by the attacker in real time. We analyzed the attacks recorded in our framework with respect to different parameters, such as protocol, ports, honeypots, and IDPS tools, to understand the motive behind the attacks. This novel virtual honeynet architecture will give readers and security practitioners insight into the strategies followed by attackers, as well as into ways of designing different traps to secretly follow the attackers, on the road toward foolproof safeguarding mechanisms.

Author information

Corresponding author

Correspondence to Rajarajan Ganesarathinam.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Ganesarathinam, R., Prabakar, M.A., Singaravelu, M., Fernandez, A.L. (2020). A Detailed Analysis of Intruders’ Activities in the Network Through the Real-Time Virtual Honeynet Experimentation. In: Dash, S., Lakshmi, C., Das, S., Panigrahi, B. (eds) Artificial Intelligence and Evolutionary Computations in Engineering Systems. Advances in Intelligent Systems and Computing, vol 1056. Springer, Singapore. https://doi.org/10.1007/978-981-15-0199-9_4
