International Journal of Networked and Distributed Computing

Volume 1, Issue 2, April 2013, Pages 108 - 123

Design and Implementation of Dynamic Hybrid Virtual Honeypot Architecture for Attack Analysis

Authors
Yonas Kibret, Wang Yong
Corresponding Author
Yonas Kibret
Received 12 March 2012, Accepted 7 November 2012, Available Online 1 April 2013.
DOI
10.2991/ijndc.2013.1.2.5How to use a DOI?
Keywords
Low interaction honeypot, High Interaction Honeypot, Dynamic honeypot, Honeyd, Honeywall, VMware
Abstract

Honeypots are dedicated machines whose aim is to delay and divert attackers away from critical resources in order to study new methods and tools used by attackers. However, when looking most of current honeypot systems are statically configured and managed. They are either low interaction honeypot or high interaction honeypot. On this paper, we proposed Dynamic Hybrid Virtual Honeypots Architecture in a single machine. It is capable of adapting in constantly changing network environment using both active and passive scanning. It also mitigates the drawback of low and high interaction honeypots. We use low interaction honeypots as proxy to claim for multiple IP address and to filter uninteresting traffic whereas high interaction honeypots to give optimal level of realism. To capture, analyze and control attack method and tools we used a gateway. Finally, we deploy the proposed architecture and present statically analysis of attacks. The experiment result proves this architecture can claim for multiple IP address, filter uninteresting traffic and gives a realism response for attacker.

Copyright
© 2013, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Journal
International Journal of Networked and Distributed Computing
Volume-Issue
1 - 2
Pages
108 - 123
Publication Date
2013/04/01
ISSN (Online)
2211-7946
ISSN (Print)
2211-7938
DOI
10.2991/ijndc.2013.1.2.5How to use a DOI?
Copyright
© 2013, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - JOUR
AU  - Yonas Kibret
AU  - Wang Yong
PY  - 2013
DA  - 2013/04/01
TI  - Design and Implementation of Dynamic Hybrid Virtual Honeypot Architecture for Attack Analysis
JO  - International Journal of Networked and Distributed Computing
SP  - 108
EP  - 123
VL  - 1
IS  - 2
SN  - 2211-7946
UR  - https://doi.org/10.2991/ijndc.2013.1.2.5
DO  - 10.2991/ijndc.2013.1.2.5
ID  - Kibret2013
ER  -