• DocumentCode
    2906089
  • Title

    Improved self adaptive honeypots capable of detecting rootkit malware

  • Author

    Pauna, Adrian

  • Author_Institution
    Fac. of Mil. Electron. Comput. Sci. Syst., Mil. Tech. Acad., Bucharest, Romania
  • fYear
    2012
  • fDate
    21-23 June 2012
  • Firstpage
    281
  • Lastpage
    284
  • Abstract
    The latest trends in the development of high interaction honeypots show that adaptive honeypots, which lure attackers by changing their behavior, are a feasible solution for gathering of as much information as possible about them. Adaptive Honeypot systems based on Game theory are in a development stage and the systems created until now are focused mostly on applying game-theoretic concepts for the configuration and reciprocal actions of high-interaction honeypots [1]. The paper presents a tested proof of concept system that integrates dynamic taint analysis with an existing adaptive honeypot in order to detect the rootkit malware that the attacker installs.
  • Keywords
    computer network security; game theory; invasive software; dynamic taint analysis; game theory; high-interaction honeypot development; rootkit malware detection; self-adaptive honeypots; Adaptive systems; Game theory; Kernel; Malware; Monitoring; Organizations; Unified modeling language; dynamic taint analysis; game theory; honeypot; user mode linux;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications (COMM), 2012 9th International Conference on
  • Conference_Location
    Bucharest
  • Print_ISBN
    978-1-4577-0057-6
  • Type

    conf

  • DOI
    10.1109/ICComm.2012.6262612
  • Filename
    6262612
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2906089