Behavioral Analysis of Bot Activity in Infected Systems Using Honeypots
| Autor: | Tomas Sochor, Matej Zuzcak |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Honeypot
Computer science computer.internet_protocol 02 engineering and technology Computer security computer.software_genre IPv4 Behavioral analysis 020204 information systems 0202 electrical engineering electronic engineering information engineering Attack patterns Malware 020201 artificial intelligence & image processing Session (computer science) Web threat computer |
| Zdroj: | Computer Networks ISBN: 9783319597669 CN |
| DOI: | 10.1007/978-3-319-59767-6_10 |
| Popis: | New Internet threats emerge on daily basis and honeypots have become widely used for capturing them in order to investigate their activities. The paper focuses on a detailed analysis of the behavior of various attacks agains 7 Linux–based honeypots. The attacks were analyzed according to the threat type, session duration, AS, country and RIR of the attack origin. Clusters of similar objects were formed accordingly and certain typical attack patterns for potential detection automation as well as some aspects of threat dissemination were identified. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|