We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 November 2024
Reseach Article

Implementation of High Interaction Honeypot to Analyze the Network Traffic and Prevention of Attacks on Protocol/Port Basis

by Gurdip Kaur, Jatinder Singh Saini
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 62 - Number 16
Year of Publication: 2013
Authors: Gurdip Kaur, Jatinder Singh Saini
10.5120/10165-4954

Gurdip Kaur, Jatinder Singh Saini . Implementation of High Interaction Honeypot to Analyze the Network Traffic and Prevention of Attacks on Protocol/Port Basis. International Journal of Computer Applications. 62, 16 ( January 2013), 22-29. DOI=10.5120/10165-4954

@article{ 10.5120/10165-4954,
author = { Gurdip Kaur, Jatinder Singh Saini },
title = { Implementation of High Interaction Honeypot to Analyze the Network Traffic and Prevention of Attacks on Protocol/Port Basis },
journal = { International Journal of Computer Applications },
issue_date = { January 2013 },
volume = { 62 },
number = { 16 },
month = { January },
year = { 2013 },
issn = { 0975-8887 },
pages = { 22-29 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume62/number16/10165-4954/ },
doi = { 10.5120/10165-4954 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:11:59.648024+05:30
%A Gurdip Kaur
%A Jatinder Singh Saini
%T Implementation of High Interaction Honeypot to Analyze the Network Traffic and Prevention of Attacks on Protocol/Port Basis
%J International Journal of Computer Applications
%@ 0975-8887
%V 62
%N 16
%P 22-29
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Network security deals with two types of communities - black hats and white hats. The era of security has come when the white hats are not only interested in defending the networks but are keen to make fool of the black hats. Looking at the other side of the mirror, the black hats have also evolved new methods of breaching the security. The work in this paper is based on implementation of low-interaction and high-interaction honeypots along with the deployment of honeywall gateway. Honeywall gateway acts as reverse firewall that allows all type of traffic (both good and bad) to enter the system to facilitate analysis and learning. Honeywall gateway is the heart of the work that is involved in capturing, controlling, and analysis of data. The captured data is further categorized on protocol and port basis. The methodology used can be summarized into three steps: • Monitoring the attack traffic • Analyzing the attack type and method • Responding to the attacker to capture in depth information. The work is intended to analyze the attacker's activities once it is logged and captured by honeywall and accessed through the walleye interface.

References
  1. Alata, E. , Nicomette, V. , Kaâniche, M. , Dacier, M. , Herrb, M. , 2006. "Lessons learned from the deployment of a high-interaction honeypot", Proceedings of the Sixth European Dependable Computing Conference (EDCC'06), 0-7695-2648-9/06.
  2. Alimerkaj, Gilmand, "Development of AIT's HoneyNet", Athens Information Technology, Center of excellence for Research and Graduate Education.
  3. Chamotra, Saurabh, 2009. "Attack detection using Honeynets", Network Packet Capturing and Analysis, CDAC Mohali.
  4. Chamotra, Saurabh, Bhatia, J. S. , Kamal, Raj, Ramani, A. K. , 2011. "Deployment of a Low Interaction Honeypot in an Organizational Private Network", 978-1-4577-0240-2/11, Page 130-135.
  5. "Configuracion del Honeywall CDROM", http://www. youtube. com/watch?v=HZiylQ_tdgo
  6. "Development of the Honeyd virtual Honeypot", www. honeyd. org
  7. Döring, Christian, 2005. "Improving network security with Honeypots", Master's thesis, University of Applied Sciences, Darmstadt.
  8. Gómez, Diego González, 2004. "Building a GenII Honeynet Gateway", Spanish Honeynet Project http://www. honeynet. org. es
  9. Harper, Allen, Ballas, Edward, "GEN III Honeynets: The birth of roo", The Honeynet Project.
  10. "Honeypot/honeyd tutorial part 1, getting started", http://www. travisaltman. com/honeypot-honeyd-tutorial-part-1-getting-started
  11. "Honeypot/honeyd tutorial part 2, multiple honeypots", http://www. travisaltman. com/honeypot-honeyd-tutorial-part-2-multiple-honeypots/
  12. "Honeypot/honeyd tutorial part 3, static IP's", http://www. travisaltman. com/honeypot-honeyd-tutorial-part-3-static-ips/ [13"honeywall CDROM documentation", The Honeynet Project.
  13. "Hping", www. hping. org
  14. "Instalacion del Honeywall CDROM", http://www. youtube. com/watch?v=sBLIHFc64jM.
  15. "Installing Honeyd 1. 5c And Arpd 0. 2 Under CentOS 5 (With gcc 4. x)", http://www. howtoforge. com/installing-honeyd-1. 5c-and-arpd-0. 2-under-centos-5-with-gcc-4. x
  16. Johny, Awad, Andreas, Derdemezis, 2005. "Implementation of a High Interaction Honeynet Testbed for Educational and Research Purposes", MsITT Thesis, AIT.
  17. Kaur, Gurdip, Singh, Gurpal, Singh, Jatinder, 2012. "Implementation of low interaction honeypot to improve the network security", proceedings of International conference on Advancements in Computing & Communication (ICACC 2012), Page .
  18. "Know Your Enemy: GenII Honeynets", The Honeynet Project.
  19. "Know Your Enemy: Honeywall CDROM Roo", 3rd Generation Technology, The Honeynet Project.
  20. "Know Your Enemy: Learning about Security Threats", The Honeynet Project, 2nd Edition, Addison-Wesley 2004.
  21. "Know Your Enemy: Sebek A kernel based data capture tool", The Honeynet Project, http://www. honeynet. org/tools/sebek/
  22. Moon, Silver, "TCP SYN flood operating system attack with hping", http://www. binarytides. com/tcp-syn-flood-dos-attack-with-hping/.
  23. Provos Neils, Holz Thorsten, 2007. "Virtual Honeypots: From Botnet Tracking to Intrusion Detection", Addison Wesley Professional.
  24. Singh, Abhay Nath, Joshi, R. C. , 2011. "A Honeypot System for Efficient Capture and Analysis of Network Attack Traffic", Proceedings of 2011 International Conference on Signal Processing, Communication, Computing and Networking Technologies (ICSCCN 2011), 978-1-61284-653-8/11, Page 514-519.
  25. Spitzner, L. ,2003. "Honeypots: Tracking Hackers", Addison-Wesley.
  26. Zereneh, William, 2010. "Packet Crafting".
Index Terms

Computer Science
Information Sciences

Keywords

honeyd attacks honeypots honeynet gateway honeywall sebek