Title :
Honeydoop - a system for on-demand virtual high interaction honeypots
Author :
Kulkarni, Santosh ; Mutalik, M. ; Kulkarni, Parag ; Gupta, Tushar
Author_Institution :
Dept. of Comput. Eng., Pune Inst. of Comput. Technol., Pune, India
Abstract :
On demand allocation of honeypots at right places on the network and at right time would considerably make the network more secure and harder to sneak into. This paper proposes an idea of dynamically creating, modifying and managing virtual honeypots-Honeydoop. Honeydoop is a system of dynamically creating, modifying and managing virtual honeypots. It combines the concept of honeypots and uses big data analyzer Hadoop for quick information retrieval and analysis. The goal of the system is to create evanescent honeypots at right places and times, on demand, to achieve better security in this ever changing environment. The system finds the machines on the network which attackers are interested in using IDS alerts and network traffic analysis. Virtual honeypots replicating those systems are then created and deployed on the network. Suspicious traffic destined for the target system is then redirected to the newly created honeypot. Dormant honeypots are deleted periodically. Honeydoop can also be used to analyze existing honeypot logs.
Keywords :
data analysis; information retrieval; security of data; telecommunication traffic; Honeydoop; IDS alerts; data analyzer Hadoop; dormant honeypots; information analysis; information retrieval; network traffic analysis; on-demand virtual high interaction honeypots; virtual honeypots; Databases; Organizations; Switches; Hadoop; Honeypots; Virtual Honeypots;
Conference_Titel :
Internet Technology And Secured Transactions, 2012 International Conference for
Conference_Location :
London
Print_ISBN :
978-1-4673-5325-0
