Honeypots “The more you know about the enemy, the better you can protect yourself” Rohan Rajeevan, Srikanth Vanama, Rakesh Akkera



Honeypots Oops !!

Definition(s)
A honeypot is:
- A decoy computer system designed to look like a legitimate system.
- A resource whose value lies in being attacked or compromised.
- A system an intruder will want to break into while, unknown to the intruder, they are being covertly observed.
- Like a hidden surveillance camera.
Honeypots do not fix anything. They provide additional, valuable information.

Necessity of honeypots
For the following reasons, good data is needed about attacks:
- Real threat data
- Trend data

Statistical Examples
- At the end of year 2000, the life expectancy of a default installation of Red Hat 6.2 was less than 72 hrs!
- One of the fastest recorded times a honeypot was compromised was 15 min.
- During an 11 month period (Apr 2000 – Mar 2001), there was a 100% increase in IDS alerts based on Snort.
- In the beginning of 2002, a home network was scanned on average by three different systems a day.

History
- 1980s
- US military traced cracker to Germany
- Tracing consumed time
- 1st honeypot born

Primary ways of usage
- Deceive
- Intimidate
- Reconnaissance

How do HoneyPots work?
(Diagram labels: Prevent, Detect, Response, Monitor, No connection)

Deployment strategies

Classification of honeypots
Based on:
- Purpose
- Level of involvement

Honeypots based on purpose
- Production
- Research

Honeypots based on the level of involvement
- Low
- Middle
- High

Level of Interaction
(Diagram labels: Operating system, Fake Daemon, Disk, Other local resource; Low, Medium, High)

Placement

Locations
- In front of firewall (Internet)
- DMZ
- Behind the firewall (Intranet)
Best location?

Compatibility
- Microsoft Windows
- Unix derivatives

Advantages
- Small data sets
- Minimal resources
- Simplicity
- Discovery of new tactics
- Cost effective

Disadvantages
- Limited vision
- Inappropriate response for new attacks
- Not a perfect solution
- Skilled analyst required
- Requires high level of effort

Products in the market
- Symantec Decoy Server
- LaBrea Tarpit
- HoneyD

Future of honeypot technologies (Future on the good side…)
- Honeytokens
- Wireless honeypots
- SPAM honeypots
- Honeypot farms
- Search-engine honeypots

Conclusion
- Only the best thief can become the best cop
- A tool, not a solution!
- Design foolproof security systems
- Wide areas of usage
- Growth is unbounded

Thanks for your (long) patience and attention! Any queries?
Rohan Rajeevan - Srikanth Vanama - Rakesh Akkera