Honeypots and Network Security Research by: Christopher MacLellan Project Mentor: Jim Ward EPSCoR and Honors Program.

Presentation transcript:

Honeypot? What is it? Name originates from pots of honey used to trap unsuspecting wasps. This same concept can be applied to computers to catch unsuspecting malicious computer users.

Honeypot? What is it? (cont.) Honeypot Components:
- Fake computer system (virtual or physical)
- No legitimate production usage or traffic
- Looks like a tantalizing production system
- Logging and alert mechanisms in place

Physical vs. Virtual Honeypots Physical Honeypots are actual (physical) computers that are set up with additional logging and security mechanisms. Virtual Honeypots are a software package that allows you to fake numerous computer distributions at various places over the network from one computer.

Hybrid System This is the system I recommend. It uses virtual Honeypots to direct traffic to the physical Honeypots.

Honeypot Implementations
Commercial Honeypots:
- Cost money
- Easy to use but not easy to modify
Open Source Honeypots:
- Free
- Difficult to use
- Poor documentation

Research Objectives Configure and run an open source honeypot (honeyd). Build a live Linux CD containing this already configured open source honeypot. Analyze the cost and security benefits of this implementation.

Honeyd Honeypot Was able to configure and run a honeyd honeypot. Discovered issues with honeyd that optimally would need to be fixed.
- New scanner signature methods allow malicious users to detect the honeypot.
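A honeyd configuration sketch for the hybrid layout described above, in which virtual honeypots hand selected traffic to a physical honeypot. This is an added example, not the presenter's configuration; the template name, all IP addresses and the choice of ports are assumptions, and the personality string must match an entry in the fingerprint file shipped with honeyd.

```conf
# Constructed example: addresses and template names are assumptions.
# 10.0.0.50 stands for the physical honeypot (extra logging enabled).
# 10.0.0.101-103 are unused addresses that honeyd answers for.

# Addresses with no explicit binding: drop everything silently.
create default
set default default tcp action block
set default default udp action block
set default default icmp action block

# Virtual decoy template. Ports not listed below answer with a reset,
# as a real host with closed ports would.
create decoy
set decoy personality "Microsoft Windows XP Professional SP1"
set decoy default tcp action reset
set decoy default udp action reset
set decoy default icmp action open

# Hybrid step: connections to these ports on any decoy address are
# relayed to the physical honeypot, which handles the full session.
add decoy tcp port 80 proxy 10.0.0.50:80
add decoy tcp port 445 proxy 10.0.0.50:445

# One honeyd process presents several decoy hosts.
bind 10.0.0.101 decoy
bind 10.0.0.102 decoy
bind 10.0.0.103 decoy
```

Because none of these addresses carries production traffic, every connection honeyd logs for them is worth reviewing.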

KNOPPIX live CD Used the KNOPPIX live CD framework to build a custom live CD. Was able to get this working and deploy honeyd on computers with a CD drive in under 5 minutes.

Cost and Security Benefits
Benefits:
- Cost
- Easy and versatile to deploy
- Read-only makes resetting safe and easy
- Make a mistake? Simply reboot.

Conclusions The implementation I created addressed the problems with open source Honeypots. Honeyd needs some improvements to make this system as complete and functional as it could be. Moving Honeypot technology to easy-to-deploy read-only media is the best implementation.

Thank you Thanks to the Wyoming EPSCoR program for the funding to work on this project. Thanks to the UW Honors Program for all their support and guidance. Thanks to Jim Ward for being my project mentor.