Honeypot based intrusion management system: From a passive architecture to an ips system

TitreHoneypot based intrusion management system: From a passive architecture to an ips system
Publication TypeJournal Article
Year of Publication2013
AuthorsBendriss, E, Regragui, B
JournalJournal of Theoretical and Applied Information Technology
Volume47
Pagination792-797
Abstract

In this paper, we are presenting an Intrusion Prevention System (IPS) based on multiple sensors in the network. These sensors are in fact honeypots built using honeyd. Honeyd is a high level honeypot which is very light and which is offering a lot of possibilities to get the most of information gathered about attackers in general. In fact, we are presenting a solution to go from passive and isolated sensors to a collaborative platform to help prevent intrusions by analyzing all collected data. To be able to do this, honeyd2db module was developed to enable honeyd to log its data into a database instead of a local file to the sensor. This aggregation of data from all sensors give us the possibility to analyze all collected logs as a hole and come out with a decision (deny network traffic on a firewall for example) using any of the known methods of data analysis. © 2005 - 2013 JATIT & LLS.

URLhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-84872851179&partnerID=40&md5=64123c156efa34310464200f371b9f29
Revues: 

Partenaires

Localisation

Suivez-nous sur

         

    

Contactez-nous

ENSIAS

Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

  Télécopie : (+212) 5 37 68 60 78

  Secrétariat de direction : 06 61 48 10 97

        Secrétariat général : 06 61 34 09 27

        Service des affaires financières : 06 61 44 76 79

        Service des affaires estudiantines : 06 62 77 10 17 / n.mhirich@um5s.net.ma

        CEDOC ST2I : 06 66 39 75 16

        Résidences : 06 61 82 89 77

Contacts

    

Education - This is a contributing Drupal Theme
Design by WeebPal.