DocumentCode :
2387536
Title :
The Generation of Attack Signatures Based on Virtual Honeypots
Author :
Tang, Xinyu
Author_Institution :
Hunan Univ. of Commerce, Changsha, China
fYear :
2010
fDate :
8-11 Dec. 2010
Firstpage :
435
Lastpage :
439
Abstract :
This paper puts forward an automatically generated system of attack signature based on virtual honeypots, which adopts an open source software virtual honeypot-Honeyd, uses the plug-in-supporting function of Honeyd, and sets up Signature Generation System (SGS) to generate attack signature for Snort automatically. SGS carries out the intrusion rule extraction of data packets which have entered Honeyd and compares these rules with the rule library in the Snort. If there exist no similar intrusion rules in the rule library, SGS will automatically create a new rule. Otherwise SGS will update the rule. In this way it automatically updates the rule library of Snort to reduce the miss probability of Snort.
Keywords :
Internet; public domain software; security of data; SGS; attack signature generation; data packets; intrusion rule extraction; open source software; signature generation system; virtual honeypots; Computers; Feature extraction; IP networks; Intrusion detection; Libraries; Servers; Attack signature; Honeyd; Honeypot; Intrusion detection;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies (PDCAT), 2010 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-9110-0
Electronic_ISBN :
978-0-7695-4287-4
Type :
conf
DOI :
10.1109/PDCAT.2010.54
Filename :
5704465
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2387536
بازگشت