Proceedings of the International Conference on Logistics, Engineering, Management and Computer Science

Design of a worm isolation and unknown worm monitoring system based on Honeypot

Authors
Abdulaziz Nasser A AlFraih, Wenbo Chen
Corresponding Author
Abdulaziz Nasser A AlFraih
Available Online May 2014.
DOI
10.2991/lemcs-14.2014.150
Keywords
network security; Intrusion Detection Systems; Honeypot; Snort; Worm
Abstract

Preventing attacks in computer networks has proved cumbersome and ineffective, whereas detection strategies have been found to be effective and less costly. Intrusion Detection Systems (IDS) have been widely implemented in computer networks as a detection technique. Another strategy that can reduce the occurrence of network intrusion is the honeypot. A honeypot is a proactive defense technology, introduced by the defense side to change the asymmetric situation of the network attack and defense game. By deploying honeypots, i.e. security resources without any production purpose, defenders can deceive intruders into attacking the honeypots, then capture and analyze the attack behaviors in order to understand the attack tools and methods and to learn the intentions and motivations. The paper analyzes the characteristics and harms of worm viruses and puts forward a custom honeypot system. Based on intrusion detection, virtual honeypot and data mining technology, the system uses guile address space technology to capture known worms and to isolate unknown worms and delay their scanning speed; it analyzes the logs by data mining, updates the intrusion detection system rule set, and makes a timely response and takes defensive action.

Copyright
© 2014, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).


Volume Title
Proceedings of the International Conference on Logistics, Engineering, Management and Computer Science
Series
Advances in Intelligent Systems Research
Publication Date
May 2014
ISBN
10.2991/lemcs-14.2014.150
ISSN
1951-6851

Cite this article

TY  - CONF
AU  - Abdulaziz Nasser A AlFraih
AU  - Wenbo Chen
PY  - 2014/05
DA  - 2014/05
TI  - Design of a worm isolation and unknown worm monitoring system based on Honeypot
BT  - Proceedings of the International Conference on Logistics, Engineering, Management and Computer Science
PB  - Atlantis Press
SP  - 658
EP  - 661
SN  - 1951-6851
UR  - https://doi.org/10.2991/lemcs-14.2014.150
DO  - 10.2991/lemcs-14.2014.150
ID  - AlFraih2014/05
ER  -