Title :
A Study of Intrusion Signature Based on Honeypot
Author :
Tian, Jun-feng ; Wang, Jian-Ling ; Yang, Xiao-Hui ; Li, Ren-Ling
Author_Institution :
Hebei University, Baoding, China
Abstract :
To meet network security requirement, the model of SISH (Study of Intrusion Signature based on Honeypot) takes advantage of honeypot technology to collect the activities of attackers on the honeypot. According to information replied from the honeypot, and data captured on the network, one can reproduce the attack with attack tree. Having classified the attack information of the attacked objects, one can create the signature of the intrusion data in the same class by LCS(Longest Common Sub-string) algorithm. new signatures are used to enrich the signature database of the IDS to make up for the deficiency of the IDSs and perfect defense system.
Keywords :
Computer hacking; Computer networks; Data security; Educational institutions; Electronic mail; Intrusion detection; Libraries; Mathematics; Production; Protection;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2005. PDCAT 2005. Sixth International Conference on
Print_ISBN :
0-7695-2405-2
DOI :
10.1109/PDCAT.2005.51
