Abstract | ||
---|---|---|
Protecting computer and information systems from security attacks is becoming an increasingly important task for system administrators. Honeypots are a technology often used to detect attacks and collect information about techniques and targets (e.g., services, ports, operating systems) of attacks. However, managing a large and complex network of honeypots becomes a challenge given the amount of data collected as well as the risk that the honeypots may become infected and start attacking other machines. In this paper, we present DarkNOC, a management and monitoring tool for complex honeynets consisting of different types of honeypots as well as other data collection devices. DarkNOC has been actively used to manage a honeynet consisting of multiple subnets and hundreds of IP addresses. This paper describes the architecture and a number of case studies demonstrating the use of DarkNOC. |
Year | Venue | Keywords |
---|---|---|
2011 | LISA | important task,information system,ip address,multiple subnets,protecting computer,complex honeynets,different type,data collection device,honeypot management,case study,complex network |
Field | DocType | Citations |
Information system,Honeypot,Data collection,World Wide Web,Port (computer networking),Architecture,Computer science,Computer security,Complex network,Dashboard (business) | Conference | 0 |
PageRank | References | Authors |
0.34 | 15 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Bertrand Sobesto | 1 | 12 | 2.71 |
Michel Cukier | 2 | 668 | 54.60 |
Matti Hiltunen | 3 | 299 | 17.56 |
Dave Kormann | 4 | 127 | 27.77 |
Gregg T. Vesonder | 5 | 80 | 29.67 |
Robin Berthier | 6 | 275 | 18.99 |