Presentation is loading. Please wait.

Presentation is loading. Please wait.

Development and Implementation of a Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) {johnsone,

Published byAngelina May Modified over 9 years ago

Similar presentations

Presentation on theme: "Development and Implementation of a Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) {johnsone,"— Presentation transcript:

1 Development and Implementation of a Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) {johnsone, koenigjm, wagnerpj} @ uwec.edu Computer Science Department – University of Wisconsin Eau Claire Background In network security there are several ways to gain information about attacks and program vulnerabilities. One way to do this is to install computers whose sole purpose is to be attacked and then passively log all activity on these computers. A honeynet is a technology that provides this functionality. From honeynet data we can study attackers’ modus operandi and motives directly, allowing for the development of better security tools. Overview The focus of our research project is to implement a honeynet at the University of Wisconsin Eau Claire (UWEC) according to the stipulations set forth by the Honeynet Research Alliance (HRA) while operating with limited resources. Our overall goal is to profile malicious activity in a class C subnet and use this data to fill a demographic gap as well as act as a base for future research. What is a Honeynet? A honeynet is a network of unsecured computers (called honeypots) whose sole purpose is to be attacked. All network activity on the honeynet is passively logged. Because there is no viable reason for anyone to be connecting to these computers, all activity can be reasonably considered malicious. To gather this activity as well as mitigate risk, there have been several tools developed, such as honeywall, which is developed by the Honeynet Research Alliance (HRA). The honeywall is between the Internet and the honeynet and fulfils all of the implementation requirement set forth by the HRA. Honeynet Research Alliance For our honeynet we followed the implementation requirements set forth by the Honeynet Research Alliance (HRA). HRA brings together other Honeynet Projects and consists of roughly 20 members world wide. Their goal is to develop honeypot/net related technologies and share data. As of right now there are no alliance members from a Tier 2 University such as UWEC. Implementation Requirements 1. Data Control: Must be passive and must be able to modify or deny malicious packets. 2. Data Capture: Log network traffic and honeypot activity 3. Data Analysis: Must have a means to extract and analyze captured data 4. Data Collection: Must have a secure location to store data Our Honeynet Our original goal was to mimic the UWEC network as closely as possible while staying cost effective. To keep costs down we decided to implement our honeypots as virtual systems. However, due to several software conflicts our honeypots are Ubuntu Edgy installations rather than Windows XP. Our Network In addition to the data control measures provided by honeywall, network traffic generated from our subnet cannot reach the primary UWEC network. The only traffic from the primary UWEC network that can reach our subnet must be using SSL or SSH. Also, all honeynet traffic must pass though a switch that systems administrators can shut down in an emergency. Acknowledgements We would like to thank our research advisor, Dr. Paul Wagner, as well as Jason Wudi, Tom Paine, and Eric Stevens for their support. Funding provided by the Office of Research and Sponsored Programs and Differential Tuition. Fig 1. A Honeynet Using Honeywall Fig 3. Our Subnet Fig 2. Our Honeynet

Download ppt "Development and Implementation of a Honeynet on a University Owned Subnet Erin L. Johnson, John M. Koenig, Dr. Paul Wagner (Faculty Mentor) {johnsone,"

Similar presentations

Honeynet Introduction Tang Chin Hooi APAN Secretariat.

Honeynet Introduction Tang Chin Hooi APAN Secretariat.
Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.

Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.

Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.
Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.

Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Honeypots and Network Security Research by: Christopher MacLellan Project Mentor: Jim Ward EPSCoR and Honors Program.

Honeypots and Network Security Research by: Christopher MacLellan Project Mentor: Jim Ward EPSCoR and Honors Program.
Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.
© Prentice Hall 2002 1.1 CHAPTER 1 Managing IT in an E-World.

© Prentice Hall CHAPTER 1 Managing IT in an E-World.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Worm and Botnet Trapper System Using Honeypots Yan Gao & Usman Jafarey.

Worm and Botnet Trapper System Using Honeypots Yan Gao & Usman Jafarey.
Honeynet/Honeypot Project - Leslie Cherian - Todd Deshane - Patty Jablonski - Creighton Long May 2, 2006.

Honeynet/Honeypot Project - Leslie Cherian - Todd Deshane - Patty Jablonski - Creighton Long May 2, 2006.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
Accounting Management IACT 918 April 2005 Glenn Bewsell/Gene Awyzio SITACS University of Wollongong.

Accounting Management IACT 918 April 2005 Glenn Bewsell/Gene Awyzio SITACS University of Wollongong.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Honeypot An instrument for attracting and detecting attackers Adapted from R. Baumann.

Honeypot An instrument for attracting and detecting attackers Adapted from R. Baumann.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
A Coach’s Communication Strategy and its Relationship to a Collegiate Player’s Motivation to Perform as an Athlete Dana Neil, Andrea Pendergast, Amy Schmidt,

A Coach’s Communication Strategy and its Relationship to a Collegiate Player’s Motivation to Perform as an Athlete Dana Neil, Andrea Pendergast, Amy Schmidt,
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

Similar presentations

Ads by Google