A honeypot system with honeyword-driven fake interactive sessions

Author

Catuogno, Luigi ; Castiglione, Aniello ; Palmieri, Francesco

Author_Institution

Dept. of Comput. Sci., Univ. of Salerno, Fisciano, Italy

fYear

2015

fDate

20-24 July 2015

Firstpage

187

Lastpage

194

Abstract

Honeypots are an indispensable tool for network and system security as well as for computer forensic investigations. They can be helpful for detecting possible intrusions, as well as for gathering information about their source, attack patterns, final target and purpose. Highly interactive honeypots, are probably the most useful and enlightening ones, since they reveal many information about intruders´ behavior and skills, even though the implementation and setup of such tools might require considerable efforts and computational resources. Accordingly we present an architecture for highly interactive honeypots aiming at detecting password-cracking attacks by means of honeywords and leveraging container-based virtualization to provide persistent sessions needed to capture attacker activities.

Keywords

authorisation; computer network security; virtualisation; computer forensic; container-based virtualization; highly-interactive honeypots; honeypot system; honeyword-driven fake interactive sessions; information gathering; intruder behavior; intruder skills; intrusion detection; network security; password-cracking attack detection; persistent sessions; system security; Arrays; Authentication; Indexes; Virtualization; Container-based Virtualization; Honeynets; Honeypots; Honeywords; Intrusion Detection; Intrusion Prevention; Security and Virtualization;

fLanguage

English

Publisher

ieee

Conference_Titel

High Performance Computing & Simulation (HPCS), 2015 International Conference on

Conference_Location

Amsterdam

Print_ISBN

978-1-4673-7812-3

Type

conf

DOI

10.1109/HPCSim.2015.7237039

Filename

7237039