Visible to the public A Proposal for a New Way of Classifying Network Security Metrics: Study of the Information Collected through a Honeypot

Submitted by aekwall on Mon, 07/01/2019 - 10:11am
TitleA Proposal for a New Way of Classifying Network Security Metrics: Study of the Information Collected through a Honeypot
Publication TypeConference Paper
Year of Publication2018
AuthorsCarrasco, A., Ropero, J., Clavijo, P. Ruiz de, Benjumea, J., Luque, A.
Conference Name2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C)
ISBN Number978-1-5386-7839-8
Keywordsattacker behaviour evaluation, computer network security, Conferences, Data collection, file servers, honeypot, IDS, information collection, Kippo, metric, Metrics, Network security, network security metric classification, pubcrawl, security, security metrics, software quality, software reliability, SSH honeypot-based system, statistical analysis, time 19.0 month, vulnerable server
Abstract

Nowadays, honeypots are a key tool to attract attackers and study their activity. They help us in the tasks of evaluating attacker's behaviour, discovering new types of attacks, and collecting information and statistics associated with them. However, the gathered data cannot be directly interpreted, but must be analyzed to obtain useful information. In this paper, we present a SSH honeypot-based system designed to simulate a vulnerable server. Thus, we propose an approach for the classification of metrics from the data collected by the honeypot along 19 months.
URLhttps://ieeexplore.ieee.org/document/8432038
DOI10.1109/QRS-C.2018.00110
Citation Keycarrasco_proposal_2018
Groups: