Detection and analysis of network & application layer attacks using Maya Honeypot

This paper discusses the usage of Deception as a strategy in network security and development of Java based honeypot that is named as “Maya”. For network deception, intruders are deliberately provided with hosts having one or more vulnerabilities. Honeypot is such a network deception tool that provides illusion to the attackers. Basic purpose of Honeypot is to get compromised in order to gather information about intruders and their attack methods. It could also be used to lure attacker and divert him from the actual network. “Maya” honeypot is Java based deception tool having emulated services (FTP etc), a Rule & Anomaly based intrusion detection engine and a web based administration cum monitoring tool.

[1]  Lance Spitzner,et al.  Honeypots: catching the insider threat , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[2]  Yun Yang,et al.  Design of distributed honeypot system based on intrusion tracking , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[3]  T. Holz,et al.  Detecting honeypots and other suspicious environments , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[4]  Fred Cohen,et al.  A note on the role of deception in information protection , 1998, Computers & security.

[5]  G. Schryen An e-mail honeypot addressing spammers' behavior in collecting and applying addresses , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[6]  H. Artail,et al.  A Dynamic Honeypot Design for Intrusion Detection , 2004, The IEEE/ACS International Conference on Pervasive Services.

[7]  Baskoro Adi Pratomo,et al.  Aggressive web application honeypot for exposing attacker's identity , 2014, 2014 The 1st International Conference on Information Technology, Computer, and Electrical Engineering.

[8]  Nathalie Weiler,et al.  Honeypots for distributed denial-of-service attacks , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[9]  S. Gupta,et al.  Enhancing network intrusion detection system with honeypot , 2003, TENCON 2003. Conference on Convergent Technologies for Asia-Pacific Region.

[10]  Niels Provos,et al.  A Virtual Honeypot Framework , 2004, USENIX Security Symposium.

[11]  Xiao Su,et al.  J-Honeypot: a Java-based network deception tool with monitoring and intrusion detection , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..