Proceedings of the International Conference on Logistics, Engineering, Management and Computer Science

Design of a worm isolation and unknown worm monitoring system based on Honeypot

Authors
Abdulaziz Nasser A AlFraih, Wenbo Chen
Corresponding Author
Abdulaziz Nasser A AlFraih
Available Online May 2014.
DOI
https://doi.org/10.2991/lemcs-14.2014.150
Keywords
network security; Intrusion Detection Systems; Honeypot; Snort; Worm
Abstract
Preventing attacks in computer networks has proved cumbersome and ineffective, whereas detection strategies have been found to be effective and less costly. Intrusion Detection Systems (IDS) have been widely implemented in computer networks as a detection technique. Another strategy that can reduce the occurrence of network intrusion is the honeypot. A honeypot is a proactive defense technology, introduced by the defense side to change the asymmetric situation of the network attack-and-defense game. By deploying honeypots, i.e. security resources without any production purpose, defenders can deceive intruders into attacking the honeypots, then capture and analyze the attack behaviors in order to understand the attack tools and methods and to learn the intruders' intentions and motivations. This paper analyzes the characteristics and harms of worm viruses and puts forward a custom honeypot system. Based on intrusion detection, virtual honeypot and data mining technology, the system uses guile address space technology to capture known worms and to isolate unknown worms and delay their scanning speed; it analyzes the logs by data mining, updates the intrusion detection system rule set, and makes a timely response and takes defensive action.
Open Access
This is an open access article distributed under the CC BY-NC license.


Proceedings
International Conference on Logistics Engineering, Management and Computer Science (LEMCS 2014)
Part of series
Advances in Intelligent Systems Research
Publication Date
May 2014
ISBN
978-94-6252-010-3
ISSN
1951-6851

Cite this article

TY  - CONF
AU  - Abdulaziz Nasser A AlFraih
AU  - Wenbo Chen
PY  - 2014/05
DA  - 2014/05
TI  - Design of a worm isolation and unknown worm monitoring system based on Honeypot
BT  - International Conference on Logistics Engineering, Management and Computer Science (LEMCS 2014)
PB  - Atlantis Press
SN  - 1951-6851
UR  - https://doi.org/10.2991/lemcs-14.2014.150
DO  - https://doi.org/10.2991/lemcs-14.2014.150
ID  - AlFraih2014/05
ER  -