Honeypots-Presentation

Honeypots and Network Security
Research by: Christopher MacLellan
Project Mentor: Jim Ward
EPSCoR and Honors Program
Honeypot? What is it?

• The name originates from pots of honey used to trap unsuspecting wasps.
• The same concept can be applied to computers to catch unsuspecting malicious computer users.
Honeypot? What is it? (cont.)

Honeypot Components
• Fake computer system (virtual or physical)
• No legitimate production usage or traffic
• Looks like a tantalizing production system
• Logging and alert mechanisms in place
Physical vs. Virtual Honeypots

• Physical Honeypots are actual (physical) computers that are set up with additional logging and security mechanisms.
• Virtual Honeypots are a software package that allows you to fake numerous computer distributions at various places over the network from one computer.
Hybrid System

• This is the system I recommend. It uses virtual Honeypots to direct traffic to the physical Honeypots.
Honeypot Implementations

Commercial Honeypots
• Cost money
• Easy to use but not easy to modify

Open Source Honeypots
• Free
• Difficult to use
• Poor documentation
Research Objectives

• Configure and run an open source honeypot (honeyd).
• Build a live Linux CD containing this already configured open source honeypot.
• Analyze the cost and security benefits of this implementation.
Honeyd Honeypot

• Was able to configure and run a honeyd honeypot.
• Discovered issues with honeyd that optimally would need to be fixed.
  • New scanner signature methods allow malicious users to detect the honeypot.
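An added example (not the presentation's own configuration) of a honeyd.conf that implements the hybrid design described earlier: honeyd emulates virtual hosts on unused addresses and relays selected ports to the physical honeypot, so everything an attacker touches is logged. The addresses, personality strings and run commands are assumptions; personality names must match entries in honeyd's nmap.prints file.

```conf
# Assumed layout: 10.0.0.0/24 carries no production hosts,
# 10.0.0.200 is the physical (high-interaction) honeypot.

# Virtual Linux host handled entirely by honeyd's emulated stack.
create linux
set linux personality "Linux 2.4.20"      # assumed nmap.prints entry
set linux default tcp action reset        # closed ports answer with RST
set linux default udp action reset
add linux tcp port 22 open                # looks like SSH is listening
add linux tcp port 80 open
bind 10.0.0.10 linux

# Virtual Windows host: file-sharing ports are proxied to the physical
# honeypot (the hybrid design); the rest is emulated by honeyd.
create windows
set windows personality "Microsoft Windows NT 4.0 SP3"   # assumed entry
set windows default tcp action reset
set windows default udp action reset
add windows tcp port 139 proxy 10.0.0.200:139
add windows tcp port 445 proxy 10.0.0.200:445
add windows tcp port 80 open
bind 10.0.0.20 windows

# Run (assumed commands): arpd claims the unused addresses for honeyd,
# honeyd writes a per-packet log that the alerting mechanism can watch.
#   arpd 10.0.0.0/24
#   honeyd -d -f honeyd.conf -l /var/log/honeyd.log 10.0.0.0/24
```

Because the honeypot has no legitimate traffic, every line in the log is worth reviewing; the proxied ports also let the physical honeypot's own logging capture the session in full.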
KNOPPIX live CD

• Used the KNOPPIX live CD framework to build a custom live CD.
• Was able to get this working and deploy honeyd on computers with a CD drive in under 5 minutes.
Cost and Security Benefits

Benefits
• Cost
• Easy and versatile to deploy
• Read-only media makes resetting safe and easy
• Make a mistake? Simply reboot.
Conclusions

• The implementation I created addressed the problems with open source Honeypots.
• Honeyd needs some improvements to make this system as complete and functional as it could be.
• Moving Honeypot technology to easy-to-deploy read-only media is the best implementation.
Thank you

• Thanks to the Wyoming EPSCoR program for the funding to work on this project.
• Thanks to the UW Honors Program for all their support and guidance.
• Thanks to Jim Ward for being my project mentor.