Forensic Computing: Tools, Techniques and Investigations Assignment 1 Seminar.

Slides:

Advertisements

Similar presentations

Honeynet Introduction Tang Chin Hooi APAN Secretariat.

Advertisements

Uzair Masood MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.

HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.

Honeypot Group 1E Zahra Kamali (KAMZY001) Pratik Doshi (DOSPY001) Tapan Dave (DAVTH001)

Honeypot Research Hung Nguyen Brendan Roberts Comp 4027 Forensic and Analytical Computing.

The Honeypot Project By Itzik Jislin Yiftach Benjamini Supervisor: Ben Bershtein.

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Honeypots Presented by Javier Garcia April 21, 2010.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Aktueller Status How Hackers Cover Their Tracks ECE 4112 May 1st, 2007 Group 1 Chris Garyet Christopher Smith Introduction Lab Content Conclusions Questions.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Dec, Honeyd Virtual Honeypot Frame Work Niels Provos Presented by: Fadi MohsenSupervised by: Dr. Chow CS591 Research Project Presented by: Fadi Mohsen.

1 Host Based Intrusion Detection: Analyzing System Logs Bob Winding, Vikram Ahmed University of Notre Dame 12/13/2006.

Honeynet/Honeypot Project - Leslie Cherian - Todd Deshane - Patty Jablonski - Creighton Long May 2, 2006.

Intrusion Prevention System DYNAMIC HONEYNET by Rosenfeld Asaf advisor Uritzky Max.

1 The Honeynet Project: Trapping the Hackers Lance Spitzner, Sun Microsystems Presented by Vikrant Karan.

Honeypot An instrument for attracting and detecting attackers Adapted from R. Baumann.

Intrusion Detection System Marmagna Desai [ 520 Presentation]

6 th Annual Workshop on the Teaching Computer Forensics 6 th Annual Teaching Computer Forensics Workshop Enhancing the Experience in Network Incident Investigations.

Introduction to Honeypot, Botnet, and Security Measurement

Speaker ： Hong-Ren Jiang A Novel Testbed for Detection of Malicious Software Functionality 1.

Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.

What is FORENSICS? Why do we need Network Forensics?

HONEYPOT.  Introduction to Honeypot  Honeytoken  Types of Honeypots  Honeypot Implementation  Advantages and Disadvantages  Role of Honeypot in.

HoneyD (Part 2) Small Business NIDS This presentation demonstrates the ability for Small Businesses to emulate virtual operating systems and conduct.

Honeypots. Introduction A honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.

ECE4112 Lab 7: Honeypots and Network Monitoring and Forensics Group 13 + Group 14 Allen Brewer Jiayue (Simon) Chen Daniel Chu Chinmay Patel.

Honeypot and Intrusion Detection System

Honeypots. Your Speaker Lance Spitzner –Senior Security Architect, Sun Microsystems –Founder of the Honeynet Project –Author of Honeypots: Tracking Hackers.

Deploying Honeynets Dodge, Jr., & Ragsdale - Presentation by Janakiram Dandibhotla.

A Virtual Honeypot Framework Author: Niels Provos Published in: CITI Report 03-1 Presenter: Tao Li.

Advanced Attack Detection and Infrastructure Protection Sean Ensz –OU IT Security Analyst Sallie Wright –OSU IT Security Officer Dr. Mark Weiser –OSU Director.

Honeynets Detecting Insider Threats Kirby Kuehl

KFSensor Vs Honeyd Honeypot System Sunil Gurung

1Of 25. 2Of 25  Definition  Advantages & Disadvantages  Types  Level of interaction  Honeyd project: A Virtual honeypot framework  Honeynet project:

HONEYPOTS PRESENTATION TEAM: TEAM: Ankur Sharma Ashish Agrawal Elly Bornstein Santak Bhadra Srinivas Natarajan.

HONEYPOT By SIDDARTHA ELETI CLEMSON UNIVERSITY. Introduction Introduced in 1990/1991 by Clifford Stoll’s in his book “The Cuckoo’s Egg” and by Bill Cheswick’s.

Presented by Spiros Antonatos Distributed Computing Systems Lab Institute of Computer Science FORTH.

A Virtual Distributed Honeynet at KFUPM: A Case Study Build a high-interaction honeynet environment at KFUPM’s two main campuses: The students’ living.

A VIRTUAL HONEYPOT FRAMEWORK Author : Niels Provos Publication: Usenix Security Symposium Presenter: Hiral Chhaya for CAP6103.

1 Honeypot, Botnet, Security Measurement, Spam Cliff C. Zou CDA /01/07.

An Introduction First Ever Public Honeynet Project Security Workshop 21 st of March 2011 Christian Seifert, CEO.

A Virtual Honeypot Framework Niels Provos Google, Inc. The 13th USENIX Security Symposium, August 9–13, 2004 San Diego, CA Presented by: Sean Mondesire.

Investigation and Evaluation of Systems for Generating Automatic Alerts Using Honeynet Data Master’s Thesis Seminar Presentation Esko Harjama.

Introduction to Honeypot, measurement, and vulnerability exploits

Honeypots and Honeynets Alex Dietz. To discover methods used to breach a system To discover new root kits To learn what changes are made to a system and.

Evaluate the Merits of Using Honeypots to Defend against Distributed Denial- of-Service Attacks on Web Servers By Cheow Lip Goh.

24 September An Introduction to Honeynets and Intrusion Protection Systems James Kearney Oct. 25, 2004.

Development and Implementation of a Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) {johnsone,

Security Vulnerabilities in A Virtual Environment

Engaging the Adversary as a Viable Response to Network Intrusion Sylvain P. Leblanc & G. Scott Knight Royal Military College of Canada PST 05 Workshop.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.

By Daniel, Amitsinh & Alfred.  Collect small data sets which are of high value  All activity is assumed to be malicious  Able to capture encrypted.

HONEYPOTS An Intrusion Detection System. Index Intrusion Detection System Host bases Intrusion Detection System Network Based Intrusion Detection System.

1 NES554: Computer Networks Defense Course Overview.

Introduction to Network Systems Security Mort Anvari.

Project 2: Windows Logging. UTSA IS 6353 Incident Response Ranum on Forensics “The real value of intrusion detection is diagnosing what is going on…never.

UNDER THE GUIDENCE OF: Mr.M.JAYANTHI RAO,M.Tech HOD OF IT. BY: I.ADITHYA(09511A1212) HONEYPOTS.

Using Honeypots to Improve Network Security Dr. Saleh Ibrahim Almotairi Research and Development Centre National Information Centre - Ministry of Interior.

O honeynet Project Lognitive.com Disclaimer This is a technical session that contain non- technical content. Get relaxed so to get ready for some details.

Honeypot in Mobile Network Security

Jonas Pfoh, Daniel Angermeier

Deception Game on Decoy Systems

12/6/2018 Honeypot ICT Infrastructure Sashan

Friday, December 07, 2018 Honeypot ICT Infrastructure Sashan Kantonsspital Graubunden ICT Department.

Security Overview: Honeypots

An IoT Honeypot Device for Malware Forensics

Honeypots Visit for more Learning Resources 1.

Presentation transcript:

Forensic Computing: Tools, Techniques and Investigations Assignment 1 Seminar

Honeypot research and decision By Group 1H Wang Chung NG, Rayson

Agenda Introduction Background Concepts Use cases Risks References

Introduction Honeypot is a technique that  Same as decoy-based intrusions-detections  Used in many enterprises  No production value Honeypot is a system architecture (network) that  Developed by Honeynet Project  “A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.” by Lance Spitzner, 2003

Background It was developed for learning hackers/crackers skills and motivations It is used to trap the perpetrators. Computer and Network security issues

Concepts To detect and log traffics and activities happened in the system Can be a countermeasure to some attacks Types  Low-interaction (LI) / Virtual  High-interaction (HI) / Physical Aims  Production  Research

Use cases Façades (LI)  Behave as real system/application Sacrificial Lambs (HI)  Uses existing system  Uses network sniffer to collect data

Risks LI  Captures limited amounts of information  Can only detect known type attacks HI  Can be complex to install or deploy  Increased risk, as attackers are provided real operating systems to interact with

References Lance Spitzner, files/honeypots.pdf, HKSAR government, files/honeypots.pdf _ html, Brien M. Posey MCSE, _ html