Abstract | ||
---|---|---|
In recent years, considerable attention has been paid to the Internet security. Honeypot is one of effective mechanism to detect and analyze intruders activities. Since packets sent to honeypots are almost always malicious, thus false alarts, that is serious problems in the normal intrusion detction system, are minimized. However, there are two important disadvantages in honeypot. First, the scope of a honeypot is limited to the address it attached. Second, there are potential risk that honeypot is compromised by a smart intruder. In this paper, we propose a centralized surveillance of unused address space. The whole unused addresses in the organization are virtually watched by a small number of the honeypots installed in a special network under the control. By the aggregation of honeypots, honeypots may be supervised well, and the risk of compromise may be reduced. The surveillance system can be established without making alternation in existing network equipments. It selects the address under surveillance autonomously. It is able to adapt to addition and deletion of networks and hosts without any administration. |
Year | DOI | Venue |
---|---|---|
2005 | 10.1109/PRDC.2005.23 | PRDC |
Keywords | DocType | ISBN |
whole unused address,surveillance autonomously,unused address space,surveillance system,centralized surveillance,virtual networks,potential risk,network equipments,internet security,normal intrusion detction system,special network,internet,intrusion detection system | Conference | 0-7695-2492-3 |
Citations | PageRank | References |
0 | 0.34 | 2 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Takashi Minohara | 1 | 2 | 2.21 |
Satoshi Ishikawa | 2 | 0 | 0.34 |
Masahiro Amano | 3 | 0 | 0.34 |