Caught In the Honeypot: An Analysis of Computer Attacker Trends

机译：陷入蜜罐：计算机攻击者趋势分析

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

A honeypot is a computing resource whose only value lies in actually being attacked so as to capture data on hackers. These systems are quickly catching on as a good way to compliment existing security architectures. While research honeypots are intended to capture hacker techniques and motives, production honeypots are mainly used for detection. Specter, one such production honeypot, has a low level of interaction capability from an attacker's viewpoint and captures only a small amount of data detailing an attack, but it provides enough data to allow for trend analysis concerning attack volume, attack frequency, the source of attack, types of attack, and when attacks are most likely to occur. Specter also helps in investigating if the attacks are by humans, scripts, or worms. This information can be helpful for security professionals in the hardening of their networks and systems. This paper first describes honeypots in general and how they are being used. It then details Specter and how it was deployed during a research project, reviews attack trends from the last half of 2002, and reports results based on a short 2-week research period. These results are compared to the previous work's data, and possible reasons into any discrepancies are provided.

机译：蜜罐是一种计算资源，其唯一价值在于实际受到攻击以捕获黑客数据。这些系统正在迅速流行，是补充现有安全体系结构的好方法。研究型蜜罐旨在捕获黑客的技术和动机，而生产型蜜罐则主要用于检测。从生产者的角度来看，Spectre是一种生产蜜罐，它的交互能力很低，并且仅捕获少量详细描述了攻击的数据，但是它提供了足够的数据来进行有关攻击量，攻击频率，攻击来源的趋势分析。攻击，攻击类型以及最有可能发生攻击的时间。 Spectre还有助于调查攻击是由人，脚本还是蠕虫引起的。此信息对于安全专业人员的网络和系统加固可能会有所帮助。本文首先介绍了蜜罐的一般情况以及如何使用它们。然后，它详细介绍了Spectre及其在研究项目中的部署方式，回顾了2002年下半年以来的攻击趋势，并基于短短的2周研究期报告了结果。将这些结果与以前的工作数据进行比较，并提供可能导致差异的原因。

著录项

来源
《International Conference on Cybernetics and Information Technologies, Systems and Applications(CITSA2004) and 10th International Conference on Information Systems Analysis and Synthesis(ISAS2004) vol.1》|2004年|P.417-422|共6页
会议地点 OrlandoFL(US)
作者
Trent Townsend;
展开▼
作者单位

Dept. of Computer Science and Engineering, Mississippi State University, Mississippi State, MS 39762, USA;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类通信;
关键词
honeypot; honeynet. network security; intrusion detection; specter;

机译：蜜罐；蜜罐。网络安全入侵检测幽灵;

相似文献

外文文献
中文文献
专利

1. Causal analysis of attacks against honeypots based on properties of countries [J] . Zuzcak Matej, Bujok Petr Information Security, IET . 2019,第5期

机译：基于国家属性的蜜罐攻击的因果分析
2. Defense Strategies Against Network Attacks in Cyber-Physical Systems with Analysis Cost Constraint Based on Honeypot Game Model [J] . Wen Tian, Xiaopeng Ji, Weiwei Liu, Computers, Materials & Continua . 2019,第1期

机译：基于蜜罐游戏模型的分析成本约束，对网络 - 物理系统网络攻击的防御策略
3. An Advanced Honeypot System for Efficient Capture and Analysis of Network Attack Traffic [J] . Balaji Darapareddy, Vijayadeep Gummadi International Journal of Engineering Trends and Technology . 2012,第5a2期

机译：先进的蜜罐系统，可有效捕获和分析网络攻击流量
4. Caught In the Honeypot: An Analysis of Computer Attacker Trends [C] . Trent Townsend International Conference on Cybernetics and Information Technologies, Systems and Applications(CITSA2004) and 10th International Conference on Information Systems Analysis and Synthesis(ISAS2004) vol.1 . 2004

机译：陷入蜜罐：计算机攻击者趋势分析
5. Analysis, detection, and modeling of attacks in computer communication networks. [D] . Allen, William H. 2003

机译：分析，检测和建模计算机通信网络中的攻击。
6. Computer Applications in Medical Care. Computer Systems in Hospitals. Hospital-Based Specialty Care Systems: An Interactive Patient Data Base for Intensive Care Trend Analysis [O] . J. V. Gomez, A. G. Haddad, W. M. Mentz, 1983

机译：医疗保健中的计算机应用。医院中的计算机系统。基于医院的专业护理系统：用于重症监护趋势分析的交互式患者数据库
7. Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks [O] . Rolston, Bri 2005

机译：攻击方法分析：基于计算机的攻击方法的新兴趋势及其对控制系统网络的适用性

Caught In the Honeypot: An Analysis of Computer Attacker Trends

摘要

著录项

相似文献

相关主题

期刊订阅