
Article Information

  • Title: HONEYPOT BASED INTRUSION MANAGEMENT SYSTEM: FROM A PASSIVE ARCHITECTURE TO AN IPS SYSTEM
  • Authors: ELMEHDI BENDRISS ; BOUBKER REGRAGUI
  • Journal: Journal of Theoretical and Applied Information Technology
  • Print ISSN: 1992-8645
  • Online ISSN: 1817-3195
  • Year of publication: 2013
  • Volume: 47
  • Issue: 2
  • Pages: 792-797
  • Publisher: Journal of Theoretical and Applied
  • Abstract: In this paper, we present an Intrusion Prevention System (IPS) based on multiple sensors in the network. These sensors are in fact honeypots built using honeyd. Honeyd is a high-level honeypot which is very light and which offers a lot of possibilities to get the most out of the information gathered about attackers in general. In fact, we present a solution to go from passive and isolated sensors to a collaborative platform to help prevent intrusions by analyzing all collected data. To be able to do this, the honeyd2db module was developed to enable honeyd to log its data into a database instead of a file local to the sensor. This aggregation of data from all sensors gives us the possibility to analyze all collected logs as a whole and come out with a decision (deny network traffic on a firewall, for example) using any of the known methods of data analysis.
  • Keywords: Intrusion Prevention System (IPS); Honeypots; Honeyd; Network Sensors; Distributed System