Investigation and Evaluation of Attack Monitoring Methods Using Web Honeypots

概要

論文の詳細を見る
In recent years, web-based applications have gained popularity due to the emergence of the trends such as netbooks and cloud computing. This popularity, along with the emphasis on personalization, has lead to the development of many web applications developed by many people. Due to negligence in secure coding, many of these web applications contain vulnerabilities. This has attracted the attention of attackers who want to exploit these security vulnerabilities to hack the web applications. Malicious users who may illicitly use these web applications and the data contained in their databases pose a constant threat. Therefore, it is necessary to protect these web applications as well as the servers on which they run. In order to effectively protect the web applications, a method of monitoring and analyzing attack is necessary in addition to the conventional intrusion detection systems. Honeypots are highly versatile security tools with various applications to internet security. They are computing resources where their value lies in the information they capture while being probed, attacked, or compromised. In this paper, we will discuss the investigation and evaluation of two web honeypots-the High Interaction Honeypot Analysis Tool and the DShield Web Honeypot as well as our proposal for a hybrid honeypot based on the results.
2010-07-01