Website and Network Security Techniques against Brute Force Attacks using Honeypot

The development of the internet and the web makes human activities more practical, comfortable, and inexpensive. So that the use of the internet and websites is increasing in various ways. Public networks make the security of websites vulnerable to attack. This research proposes a Honeypot for server security against attackers who want to steal data by carrying out a brute force attack. In this research, Honeypot is integrated on the server to protect the server by creating a shadow server. This server is responsible for tricking the attacker into not being able to enter the original server. Brute force attacks tested using Medusa tools. With the application of Honeypot on the server, it is proven that the server can be secured from the attacker. Even the log of activities carried out by the attacker in the shadow server is stored in the Kippo log activities.

[1]  T. Gireesh Kumar,et al.  Malware capturing and detection in dionaea honeypot , 2017, 2017 Innovations in Power and Advanced Computing Technologies (i-PACT).

[2]  Shaoning Pang,et al.  COR-Honeypot: Copy-On-Risk, Virtual Machine as Honeypot in the Cloud , 2016, 2016 IEEE 9th International Conference on Cloud Computing (CLOUD).

[3]  Mohammad Badrul Alam Miah,et al.  Enhancement of Web Security Against External Attack , 2017 .

[4]  Seema Sharma Detection and analysis of network & application layer attacks using Maya Honeypot , 2016, 2016 6th International Conference - Cloud System and Big Data Engineering (Confluence).

[5]  Jinhak Park,et al.  How to Design Practical Client Honeypots Based on Virtual Environment , 2016, 2016 11th Asia Joint Conference on Information Security (AsiaJCIS).

[6]  Taghi M. Khoshgoftaar,et al.  Detection of SSH Brute Force Attacks Using Aggregated Netflow Data , 2015, 2015 IEEE 14th International Conference on Machine Learning and Applications (ICMLA).

[7]  Baskoro Adi Pratomo,et al.  Clustering of SSH brute-force attack logs using k-clique percolation , 2016, 2016 International Conference on Information & Communication Technology and Systems (ICTS).

[8]  Setia Astuti,et al.  An improved secure image hiding technique using PN-sequence based on DCT-OTP , 2017, 2017 1st International Conference on Informatics and Computational Sciences (ICICoS).

[9]  Hans D. Schotten,et al.  An adaptive honeypot configuration, deployment and maintenance strategy , 2017, 2017 19th International Conference on Advanced Communication Technology (ICACT).

[10]  Eun-Jun Yoon,et al.  Design of Mutually Authenticated Key Agreement Protocol Resistant to Impersonation Attacks for Multi-Server Environment , 2017, IEEE Access.

[11]  Keshnee Padayachee,et al.  A survey of honeypot research: Trends and opportunities , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[12]  Kiattikul Treseangrat,et al.  Analysis of UDP DDoS flood cyber attack and defense mechanisms on Web Server with Linux Ubuntu 13 , 2015, 2015 International Conference on Communications, Signal Processing, and their Applications (ICCSPA'15).

[13]  De Rosal Ignatius Moses Setiadi,et al.  Payload Enhancement on Least Significant Bit Image Steganography Using Edge Area Dilation , 2019 .

[14]  Masahiko Takenaka,et al.  TOPASE: Detection of brute force attacks used disciplined IPs from IDS log , 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).