Abstract | ||
---|---|---|
In this paper we present empirical results and speculative analysis based on observations collected over a two month period from studies with two high interaction honeynets, deployed in a corporate and an SME (Small to Medium Enterprise) environment, and a distributed honeypots deployment. All three networks contain a mixture of Windows and Linux hosts. We detail the architecture of the deployment and results of comparing the observations from the three environments. We analyze in detail the times between attacks on different hosts, operating systems, networks or geographical location. Even though results from honeynet deployments are reported often in the literature, this paper provides novel results analyzing traffic from three different types of networks and some initial exploratory models. This research aims to contribute to endeavours in the wider security research community to build methods, grounded on strong empirical work, for assessment of the robustness of computer-based systems in hostile environments. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1109/ISSRE.2008.62 | ISSRE |
Keywords | Field | DocType |
honeypot network,empirical result,honeypots deployment,computer-based system,wider security research community,honeynet deployment,strong empirical work,linux host,different type,medium enterprise,empirical data,different host,linux,operating system,databases,distributed processing,servers,security,operating systems | Honeypot,Architecture,Software deployment,Location,Computer science,Small to medium enterprises,Computer security,Server,Robustness (computer science) | Conference |
Citations | PageRank | References |
2 | 0.41 | 8 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Robin E. Bloomfield | 1 | 227 | 44.91 |
Ilir Gashi | 2 | 171 | 17.20 |
Andrey Povyakalo | 3 | 57 | 7.53 |
Vladimir Stankovic | 4 | 54 | 6.10 |