论文信息 - Using data analysis by deploying Artificial Neural Networks to increase honeypot security

Using data analysis by deploying Artificial Neural Networks to increase honeypot security

The goal of this research is to increase honeypot security through data analysis with Artificial Neural Network (ANN). Thus, first we present an approach to detection presence of computer malcode in the honeypot based on ANN while using the computer's behavioral measures. Then, we identify significant features, which describe the activity of a malcode within a honeypot, by acquiring these from security experts. We suggest employing fisher's score, one of the feature selection techniques, for the dimensionality reduction and identification of the most prominent features to capture efficiently the computer behavior in content of malcode activity. Later on, we preprocess the dataset according to this technique and train the ANN model with preprocessed data. Finally, we evaluate the ability of the model to detect the presence of a malcode in the honeypot when honeypot is at risk.

Ramin Nassiri | GolamReza Latif-Shabgahi | Milad Daliran

[1] Miguel Hernández,et al. Honeypots: Basic Concepts, Classification and Educational Use as Resources in Information Security Education and Courses , 2008 .

[2] D. Signorini,et al. Neural networks , 1995, The Lancet.

[3] Yuval Shahar,et al. Improving Worm Detection with Artificial Neural Networks through Feature Selection and Temporal Analysis Techniques , 2008 .

[4] S. Mrdović. Network packet payload analysis for intrusion detection , 2006 .

[5] T.,et al. Training Feedforward Networks with the Marquardt Algorithm , 2004 .

[6] Jung-Min Park,et al. An overview of anomaly detection techniques: Existing solutions and latest technological trends , 2007, Comput. Networks.

[7] Yuval Shahar,et al. Application of Artificial Neural Networks Techniques to Computer Worm Detection , 2006, The 2006 IEEE International Joint Conference on Neural Network Proceedings.