Visible to the public Biblio

Filters: Author is Schneider, J.  [Clear All Filters]
2017-12-04
Fraunholz, D., Zimmermann, M., Anton, S. D., Schneider, J., Schotten, H. Dieter.  2017.  Distributed and highly-scalable WAN network attack sensing and sophisticated analysing framework based on Honeypot technology. 2017 7th International Conference on Cloud Computing, Data Science Engineering - Confluence. :416–421.

Recently, the increase of interconnectivity has led to a rising amount of IoT enabled devices in botnets. Such botnets are currently used for large scale DDoS attacks. To keep track with these malicious activities, Honeypots have proven to be a vital tool. We developed and set up a distributed and highly-scalable WAN Honeypot with an attached backend infrastructure for sophisticated processing of the gathered data. For the processed data to be understandable we designed a graphical frontend that displays all relevant information that has been obtained from the data. We group attacks originating in a short period of time in one source as sessions. This enriches the data and enables a more in-depth analysis. We produced common statistics like usernames, passwords, username/password combinations, password lengths, originating country and more. From the information gathered, we were able to identify common dictionaries used for brute-force login attacks and other more sophisticated statistics like login attempts per session and attack efficiency.