Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Daniel, Amitsinh & Alfred.  Collect small data sets which are of high value  All activity is assumed to be malicious  Able to capture encrypted.

Published byBarbra Thornton Modified over 9 years ago

Similar presentations

Presentation on theme: "By Daniel, Amitsinh & Alfred.  Collect small data sets which are of high value  All activity is assumed to be malicious  Able to capture encrypted."— Presentation transcript:

1 By Daniel, Amitsinh & Alfred

2  Collect small data sets which are of high value  All activity is assumed to be malicious  Able to capture encrypted data  IDS-like functionality

3  Have the risk of being taken over and used to attack other systems in the network  Need to be walled off from the legitimate system to ensure it does give access to it  Could be held liable for any damages the honeypot causes while under someone elses control

4  Intruders may not even take the bait  Still need to be able to identify an individual  What if the source of the intrusion is a public network?  Evidence may not necessarily be admissible in court  May miss evidence as only records actions that interact with the honeypot itself and not over the network  FBI have used a honeypot to successfully gather evidence

5  Advantages ◦ Collect small data sets which are of high value ◦ Minimal resources ◦ Reduce false positives ◦ Catching false negatives ◦ Risk mitigation ◦ Attack strategies  Disadvantages ◦ Limited view ◦ Risk of being compromised ◦ Single data point

6  two types of honeypots - low-interaction and high- interaction  the main difference between the two is their complexity and interaction they allow an attacker  We recommend using a low-interaction honeypot in a networked environment  Reasons: ◦ do not give attackers much control ◦ simplicity that allows easy deployment and maintenance ◦ low risk factor because they do not work with real production system ◦ captures limited amounts of information, mainly transactional data and some limited interaction. ◦ emulate a service

7  Lance Spitzner, 3 June 2003, Honeypots - Definitions and Value of Honeypots viewed 22 March 2009 http://www.infosecwriters.com/texts.php?op=display&id=80  Mark Rasch, 9 May 2008, Click Crime viewed 21 March 2009 http://www.securityfocus.com/columnists/471  Lance Spitzner, 17 May 2002, Honeypots - Definitions and Value of Honeypots viewed 22 March 2009 http://www.governmentsecurity.org/what_is_a_honeypot  Lance Spitzner, 30 April 2003, Honeypots: Simple, Cost-Effective Detection viewed 21 March 2009 http://www.securityfocus.com/infocus/1690  Niels Provos, Thorsten Holz 2007, Virtual Honeypots: From Botnet Tracking to Intrusion Detection, Addison Wesley Professional

Download ppt "By Daniel, Amitsinh & Alfred.  Collect small data sets which are of high value  All activity is assumed to be malicious  Able to capture encrypted."

Similar presentations

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.

Intrusion Detection Systems (I) CS 6262 Fall 02. Definitions Intrusion Intrusion A set of actions aimed to compromise the security goals, namely A set.
Honeynet Introduction Tang Chin Hooi APAN Secretariat.

Honeynet Introduction Tang Chin Hooi APAN Secretariat.
Honey Pot Research And Decision By Hanh Thi Hong Nguyen Venkata Krishna Mahesh Kumar Kondraju Kieran Andrews.

Honey Pot Research And Decision By Hanh Thi Hong Nguyen Venkata Krishna Mahesh Kumar Kondraju Kieran Andrews.
Uzair Masood 100111089 MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.

Uzair Masood MASYU001.  What is a honey Pot ? “ A honey pot is an information system resource whose value lies in unauthorized or illicit use.
HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.

HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.
Honeypot Group 1E Zahra Kamali (KAMZY001) Pratik Doshi (DOSPY001) Tapan Dave (DAVTH001)

Honeypot Group 1E Zahra Kamali (KAMZY001) Pratik Doshi (DOSPY001) Tapan Dave (DAVTH001)
Honeypot Research Hung Nguyen Brendan Roberts Comp 4027 Forensic and Analytical Computing.

Honeypot Research Hung Nguyen Brendan Roberts Comp 4027 Forensic and Analytical Computing.
Honeypots Presented by Javier Garcia April 21, 2010.

Honeypots Presented by Javier Garcia April 21, 2010.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.

Honey Pots: Natures Dessert or Cyber Defense Tool? Eric Richardson.
We’ve got what it takes to take what you got! NETWORK FORENSICS.

We’ve got what it takes to take what you got! NETWORK FORENSICS.
Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.

Honeypots and Honeynets Source: The HoneyNet Project Book: Know Your Enemy (2 nd ed) Presented by: Mohammad.
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Student : Wilson Hidalgo Ramirez Supervisor: Udaya Tupakula Filtering Techniques for Counteracting DDoS Attacks.

Student : Wilson Hidalgo Ramirez Supervisor: Udaya Tupakula Filtering Techniques for Counteracting DDoS Attacks.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Dec, 20081 Honeyd Virtual Honeypot Frame Work Niels Provos Presented by: Fadi MohsenSupervised by: Dr. Chow CS591 Research Project Presented by: Fadi Mohsen.

Dec, Honeyd Virtual Honeypot Frame Work Niels Provos Presented by: Fadi MohsenSupervised by: Dr. Chow CS591 Research Project Presented by: Fadi Mohsen.
Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.

Honeypots Margaret Asami. What are honeypots ? an intrusion detection mechanism entices intruders to attack and eventually take over the system, while.
T5 Program Inquiry Based Teaching Rob Schadt Jim Wolff Srikrishna S. Ramachandra June 3, 2008 Rob Schadt Jim Wolff Srikrishna S. Ramachandra June 3, 2008.

T5 Program Inquiry Based Teaching Rob Schadt Jim Wolff Srikrishna S. Ramachandra June 3, 2008 Rob Schadt Jim Wolff Srikrishna S. Ramachandra June 3, 2008.
Mobile Agents for Intrusion Detection Jaromy Ward.

Mobile Agents for Intrusion Detection Jaromy Ward.
Intrusion Prevention System DYNAMIC HONEYNET by Rosenfeld Asaf advisor Uritzky Max.

Intrusion Prevention System DYNAMIC HONEYNET by Rosenfeld Asaf advisor Uritzky Max.

Similar presentations

Ads by Google