Detecting Malwares in Honeynet Using a Multi-agent System
暂无分享,去创建一个
The importance of network security is rapidly increasing as more and more business is conducted via these systems. The proposed honeynet system can be used to detect bots or malware based on the evaluation of events occurring within a computer network. A honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized access to information systems. A honeynet (a network consisting of 2 or more honeypots) is used for surveillance of larger or more diverse networks for which one honeypot may not be sufficient. The detection algorithms of these systems are based on signatures derived from the analysis of various types of malicious software. The proposed honeynet system is a combination of a post intrusion detection system and a files analyzer. It has been implemented using multi-agent technology.
[1] Geng Yang,et al. A Distributed Honeypot System for Grid Security , 2003, GCC.
[2] Bo Zhu,et al. A New Approach to Malware Detection , 2009, ISA.
[3] Graham Clark,et al. Intrusion Prevention and Active Response: Deploying Network and Host IPS , 2005 .
[4] Jon Erickson,et al. Hacking: The Art of Exploitation , 2008 .
[5] Vinod Yegneswaran,et al. Employing Honeynets For Network Situational Awareness , 2010, Cyber Situational Awareness.