Title :
Towards a third generation data capture architecture for honeynets
Author :
Balas, Edward ; Viecco, Camilo
Author_Institution :
Adv. Network Manage. Lab, Indiana Univ., Bloomington, IN, USA
Abstract :
Honeynets have become an important tool for researchers and network operators. However, their effectiveness has been impeded by the lack of a standard unified honeynet data model, which results from having multiple unrelated data sources, each with its own access method and format. In this paper we propose a new data collection architecture that addresses the need for both rapid comprehension and detailed analysis by providing two data access methods: a relational-model-based fast path, and a canonical slow path. We also present a set of tools based on this architecture.
Keywords :
computer networks; data models; knowledge acquisition; security of data; canonical slow path; computer network; data access method; data capture architecture; data collection architecture; data format; data sources; fast path; honeynet data model; honeynets; honeypots; relational model; Conferences; Cryptography; Data models; Data security; Impedance; Intrusion detection; Linux; Monitoring; Operating systems; Telecommunication traffic
Conference_Title :
Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC
Print_ISBN :
0-7803-9290-6
DOI :
10.1109/IAW.2005.1495929