• DocumentCode
    3061998
  • Title

    A Study of Intrusion Signature Based on Honeypot

  • Author

    Tian, Jun-feng ; Wang, Jian-Ling ; Yang, Xiao-Hui ; Li, Ren-Ling

  • Author_Institution
    Hebei University, Baoding, China
  • fYear
    2005
  • fDate
    05-08 Dec. 2005
  • Firstpage
    125
  • Lastpage
    129
  • Abstract
    To meet network security requirement, the model of SISH (Study of Intrusion Signature based on Honeypot) takes advantage of honeypot technology to collect the activities of attackers on the honeypot. According to information replied from the honeypot, and data captured on the network, one can reproduce the attack with attack tree. Having classified the attack information of the attacked objects, one can create the signature of the intrusion data in the same class by LCS(Longest Common Sub-string) algorithm. new signatures are used to enrich the signature database of the IDS to make up for the deficiency of the IDSs and perfect defense system.
  • Keywords
    Computer hacking; Computer networks; Data security; Educational institutions; Electronic mail; Intrusion detection; Libraries; Mathematics; Production; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Computing, Applications and Technologies, 2005. PDCAT 2005. Sixth International Conference on
  • Print_ISBN
    0-7695-2405-2
  • Type

    conf

  • DOI
    10.1109/PDCAT.2005.51
  • Filename
    1578880
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3061998