Title :
UML extensions for honeypots in the ISTS Distributed Honeypot Project
Author :
Carella, Christopher ; Dike, Jeff ; Fox, Naomi ; Ryan, Mark
Author_Institution :
Inst. for Security Technol. Studies, Dartmouth Coll., Hanover, NH, USA
Abstract :
A distributed honeypot system is a collection of honeypots distributed throughout the Internet that send their data to a central analysis point. In such a system, the need for automation, flexibility, and transparency in data control, data capture, and honeypot cleanup is more readily satisfied with virtual machine technology than with native installations. The Distributed Honeypot Project at Dartmouth College´s Institute for Security Technology Studies has extended (and proposed further extensions to) User-Mode Linux (UML), a virtual-machine version of the Linux operating system, to satisfy these needs. The extensions make UML a more suitable honeypot platform, and will be useful to any Linux-based honeypot researcher.
Keywords :
Internet; Linux; network operating systems; security of data; virtual machines; Distributed Honeypot Project; Internet; UML extensions; User-Mode Linux operating system; distributed honeypot system; security; virtual machine technology; Automatic control; Automation; Control systems; Data security; Educational institutions; Internet; Linux; Operating systems; Unified modeling language; Virtual machining;
Conference_Titel :
Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC
Print_ISBN :
0-7803-8572-1
DOI :
10.1109/IAW.2004.1437808
