Abstract | ||
---|---|---|
During 2012, we conducted a long term IPv6-darknet experiment. We observed a relatively high number of interesting events and therefore needed additional network security tools to capture and analyse potentially harmful IPv6 traffic. This paper presents HoneydV6, a low-interaction IPv6 honeypot that can simulate entire IPv6 networks and which may be utilized to detect and analyze IPv6 network attacks. Our implementation is based on the well-known low-interaction honeypot Honeyd. To the best of our knowledge, this is the first low-interaction honeypot which is able to simulate entire IPv6 networks on a single host. Enticing attackers to exploit an IPv6 honeypot requires new approaches and concepts because of the huge IPv6 address space. We solved this problem through a dynamic instantiation mechanism that increases the likelihood for an attacker to find a target host in our IPv6 honeynet. |
Year | DOI | Venue |
---|---|---|
2013 | 10.1007/978-3-662-44788-8_15 | Communications in Computer and Information Science |
Keywords | Field | DocType |
IPv6,Honeypot,Darknet,IPv6 traffic analysis | IPv6,Honeypot,Computer security,Darknet,Computer science,Network security,Knowledge management,Exploit,IPv6 address,Network attack | Conference |
Volume | ISSN | Citations |
456 | 1865-0929 | 0 |
PageRank | References | Authors |
0.34 | 5 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Sven Schindler | 1 | 3 | 1.49 |
Bettina Schnor | 2 | 142 | 26.36 |
Simon Kiertscher | 3 | 10 | 3.03 |
Thomas Scheffler | 4 | 9 | 4.16 |
Eldad Zack | 5 | 0 | 0.34 |