Title
Comparison of Empirical Data from Two Honeynets and a Distributed Honeypot Network
Abstract
In this paper we present empirical results and speculative analysis based on observations collected over a two-month period from studies with two high-interaction honeynets, deployed in a corporate and an SME (Small to Medium Enterprise) environment, and a distributed honeypot deployment. All three networks contain a mixture of Windows and Linux hosts. We detail the architecture of the deployment and the results of comparing the observations from the three environments. We analyze in detail the times between attacks on different hosts, operating systems, networks or geographical locations. Even though results from honeynet deployments are reported often in the literature, this paper provides novel results analyzing traffic from three different types of networks and some initial exploratory models. This research aims to contribute to endeavours in the wider security research community to build methods, grounded on strong empirical work, for assessment of the robustness of computer-based systems in hostile environments.
Year
2008
DOI
10.1109/ISSRE.2008.62
Venue
ISSRE
Keywords
honeypot network, empirical result, honeypots deployment, computer-based system, wider security research community, honeynet deployment, strong empirical work, linux host, different type, medium enterprise, empirical data, different host, linux, operating system, databases, distributed processing, servers, security, operating systems
Field
Honeypot, Architecture, Software deployment, Location, Computer science, Small to medium enterprises, Computer security, Server, Robustness (computer science)
DocType
Conference
Citations
2
PageRank
0.41
References
8
Authors
4
Name
Order
Citations
PageRank
Robin E. Bloomfield122744.91
Ilir Gashi217117.20
Andrey Povyakalo3577.53
Vladimir Stankovic4546.10