A recent addition to the intrusion detection product line is a new technology called a honeypot. ... more A recent addition to the intrusion detection product line is a new technology called a honeypot. A honeypot provides an attacker with resources that appear to be actual production systems that are in reality decoy systems designed to be attacked. Observing interaction with the honeypot facilitates the observation and analysis of attacks and the detection of anomalies. This paper discusses the design of a dynamic honeypot. The dynamic honeypot configures, deploys, and maintains virtual honeypots on a network, using passive probing and dynamic templates to customize the virtual honeypots to the network and react differently depending on the source of the connection. This paper also discusses the design and implementation of a simple intrusion monitoring system using the dynamic honeypot. During initial testing an exploit attempt that was not detected by conventional intrusion detection was detected by the dynamic honeypot monitoring system.
for distracting me when I need distracting and assuring me when I need assuring. Many thanks to D... more for distracting me when I need distracting and assuring me when I need assuring. Many thanks to Dr. Walden Laukhuf, Mr. Steve Williamson, and the Chemical Engineering Department. Generous use of their facilities, particularly the Process Control Laboratory and the Unit Operations Laboratory, as well as their time and expertise were greatly appreciated. Thanks also to Ron Lile and his staff for providing technical support.
A recent addition to the intrusion detection product line is a new technology called a honeypot. ... more A recent addition to the intrusion detection product line is a new technology called a honeypot. A honeypot provides an attacker with resources that appear to be actual production systems that are in reality decoy systems designed to be attacked. Observing interaction with the honeypot facilitates the observation and analysis of attacks and the detection of anomalies. This paper discusses the design of a dynamic honeypot. The dynamic honeypot configures, deploys, and maintains virtual honeypots on a network, using passive probing and dynamic templates to customize the virtual honeypots to the network and react differently depending on the source of the connection. This paper also discusses the design and implementation of a simple intrusion monitoring system using the dynamic honeypot. During initial testing an exploit attempt that was not detected by conventional intrusion detection was detected by the dynamic honeypot monitoring system.
for distracting me when I need distracting and assuring me when I need assuring. Many thanks to D... more for distracting me when I need distracting and assuring me when I need assuring. Many thanks to Dr. Walden Laukhuf, Mr. Steve Williamson, and the Chemical Engineering Department. Generous use of their facilities, particularly the Process Control Laboratory and the Unit Operations Laboratory, as well as their time and expertise were greatly appreciated. Thanks also to Ron Lile and his staff for providing technical support.
Uploads
Papers by Jeff Hieb