Title :
J-Honeypot: a Java-based network deception tool with monitoring and intrusion detection
Author :
Mai, Yuqing ; Upadrashta, Radhika ; Su, Xiao
Author_Institution :
Dept of Comput. Eng., San Jose State Univ., CA, USA
Abstract :
In this paper, we describe the development of J-Honeypot, a Java-based network deception tool with a Web-based monitoring interface and a rule-based intrusion detection engine. Our J-Honeypot is based on the Honeyd program by Niels Provos, but features important enhancements. First, since J-Honeypot is written in Java, it can potentially run on various platforms, Windows or UNIX, workstations or handheld devices. Second, J-Honeypot has a rule-based intrusion detection engine, whose design is guided by the analysis of real world attack data. The attack data was collected by opening up our J-Honeypot to solicit possible attacks. Third, J-Honeypot includes a Web-based monitoring tool that is easily accessible and can help network administrators better understand network traffic and possible attacks.
Keywords :
Internet; Java; security of data; system monitoring; J-Honeypot; Java-based network deception tool; Web-based monitoring interface; network administration; network traffic; rule-based intrusion detection engine; Computer interfaces; Computer networks; Computerized monitoring; Data security; Engines; Handheld computers; Intrusion detection; Java; Telecommunication traffic; Workstations;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286568
