Volume 1, Issue 2, April 2013, Pages 108 - 123
Design and Implementation of Dynamic Hybrid Virtual Honeypot Architecture for Attack Analysis
Yonas Kibret, Wang Yong
Received 12 March 2012, Accepted 7 November 2012, Available Online 1 April 2013.
- https://doi.org/10.2991/ijndc.2013.1.2.5How to use a DOI?
- Low interaction honeypot, High Interaction Honeypot, Dynamic honeypot, Honeyd, Honeywall, VMware
- Honeypots are dedicated machines whose aim is to delay and divert attackers away from critical resources in order to study new methods and tools used by attackers. However, when looking most of current honeypot systems are statically configured and managed. They are either low interaction honeypot or high interaction honeypot. On this paper, we proposed Dynamic Hybrid Virtual Honeypots Architecture in a single machine. It is capable of adapting in constantly changing network environment using both active and passive scanning. It also mitigates the drawback of low and high interaction honeypots. We use low interaction honeypots as proxy to claim for multiple IP address and to filter uninteresting traffic whereas high interaction honeypots to give optimal level of realism. To capture, analyze and control attack method and tools we used a gateway. Finally, we deploy the proposed architecture and present statically analysis of attacks. The experiment result proves this architecture can claim for multiple IP address, filter uninteresting traffic and gives a realism response for attacker.
- Open Access
- This is an open access article distributed under the CC BY-NC license.
Cite this article
TY - JOUR AU - Yonas Kibret AU - Wang Yong PY - 2013 DA - 2013/04 TI - Design and Implementation of Dynamic Hybrid Virtual Honeypot Architecture for Attack Analysis JO - International Journal of Networked and Distributed Computing SP - 108 EP - 123 VL - 1 IS - 2 SN - 2211-7946 UR - https://doi.org/10.2991/ijndc.2013.1.2.5 DO - https://doi.org/10.2991/ijndc.2013.1.2.5 ID - Kibret2013 ER -