Title :
A Pilot Study of Using Honeypots as Cyber Intelligence Sources
Author :
Bilstrup, Urban ; Rosenberg, Melanie
Author_Institution :
Sch. of Inf. Sci., Halmstad Univ., Halmstad, Sweden
Abstract :
There will always be a security gap between our ability to secure our networks and the actual level of security needed. When securing our networks we need good intelligence to direct our efforts and focus on the right spots. We need to find those spots and they can be found, with the right tools. Survival time is a method that provides possibilities to make decisions concerning information security risks based on true knowledge and hard facts, in a repeatable and scientific manner. This presented work aim to investigate the possibility to use survival time of an unprotected system as an intelligence source and measure the current survival time for a given unprotected system. By the deployment of a decoy, an unprotected system, data is captured and collected through port monitoring. Mainly focus lie on building a time curve presenting the estimated time for an unprotected public system to get detected on the Internet and the elapsed time hence the system gets attacked.
Keywords :
Internet; computer network security; risk analysis; Internet; cyber intelligence sources; hard facts; honeypots; information security risks; port monitoring; security gap; survival time; true knowledge; unprotected public system; Computer hacking; Distributed databases; Educational institutions; Internet; Operating systems; Terrorism; Cyber Intelligence; Internet security;
Conference_Titel :
Intelligence and Security Informatics Conference (EISIC), 2013 European
Conference_Location :
Uppsala
DOI :
10.1109/EISIC.2013.56
