Container based virtual honeynet for increased network security

A honeynet represents a new strategy for defending computer networks and systems against unauthorized access or hacking attempts. Not only can it detect and display the attack pattern or the tools utilized, it can also help eliminate access to real systems by presenting an emulation of the physical systems and services present within the network, thus delaying or confusing the intruder. In this paper we provide an overview of a lightweight container-based deployment that emulates popular Linux and Windows services to unsuspecting intruders. Results show real-world attacks against the deployed system.
