Sciweavers

VIROLOGY
2008

Internet attacks monitoring with dynamic connection redirection mechanisms

13 years 11 months ago
Internet attacks monitoring with dynamic connection redirection mechanisms
High-interaction honeypots are interesting as they help understand how attacks unfold on a compromised machine. However, observations are generally limited to the operations performed by the attackers on the honeypot itself. Outgoing malicious activities carried out from the honeypot towards remote machines on the Internet are generally disallowed for legal liability reasons. It is particularly instructive, however, to observe activities initiated from the honeypot in order to monitor attacker behavior across different, possibly compromised remote machines. This paper proposes to this end a dynamic redirection mechanism of connections initiated from the honeypot. This mechanism gives the attacker the illusion of being actually connected to a remote machine whereas he is redirected to another local honeypot. The originality of the proposed redirection mechanism lies in its dynamic aspect: the redirections are made automatically on the fly. This mechanism has been implemented and tested...
Eric Alata, Ion Alberdi, Vincent Nicomette, Philip
Added 16 Dec 2010
Updated 16 Dec 2010
Type Journal
Year 2008
Where VIROLOGY
Authors Eric Alata, Ion Alberdi, Vincent Nicomette, Philippe Owezarski, Mohamed Kaâniche
Comments (0)