Article

Honeynet based distributed adaptive network forensics and active real time investigation

Authors:

Wei Ren,

Hai JinAuthors Info & Claims

SAC '05: Proceedings of the 2005 ACM symposium on Applied computing

Pages 302 - 303

https://doi.org/10.1145/1066677.1066749

Published: 13 March 2005 Publication History

Get Access

Abstract

Network forensics and honeynet systems have the same features of collecting information about the computer misuses. Honeynet system can lure attackers and gain information about new types of intrusions. Network forensics system can analysis and reconstruct the attack behaviors. These two systems integrating together can help to build an active self-learning and response system to profile the intrusion behavior features and investigate the attack original source. In this paper, we present a design of honeynet based active network intrusion response system. The features of our system are distributed adaptive network forensics and active real time network investigation.

References

[1]

Know Your Enemy: Gen II Honeynets, November 2003. http://project.honeynet.org/papers/gen2/

Google Scholar

[2]

Gary Palmer, A Road Map for Digital Forensic Research, Technical Report DTRT0010-01, DFRWS, November 2001. Report from the First Digital Forensic Research Workshop (DFRWS)

Google Scholar

Cited By

View all

Studiawan HDjanali SPratomo B(2016)Graph-based Forensic Analysis of Web HoneypotJournal of Telecommunications and Information Technology10.26636/jtit.2016.2.7202:2016(60-65)Online publication date: 30-Jun-2016
https://doi.org/10.26636/jtit.2016.2.720
Adeyemi IRazak SAzhan N(2013)A Review of Current Research in Network Forensic AnalysisInternational Journal of Digital Crime and Forensics10.4018/jdcf.20130101015:1(1-26)Online publication date: 1-Jan-2013
https://doi.org/10.4018/jdcf.2013010101
(2011)Honeypots and Network ForensicsHoneypots10.1201/b10738-12(298-323)Online publication date: 4-May-2011
https://doi.org/10.1201/b10738-12
Show More Cited By

Index Terms

Honeynet based distributed adaptive network forensics and active real time investigation
1. Computer systems organization
2. Software and its engineering
  1. Software organization and properties
    1. Software system structures
      1. Distributed systems organizing principles

Recommendations

Detecting and Defending against Worm Attacks Using Bot-honeynet
ISECS '09: Proceedings of the 2009 Second International Symposium on Electronic Commerce and Security - Volume 01

We proposed a worm detection and defense system named bot-honeynet in this paper, which combines the best features of honeynet, anomaly detection and botnet. The combination of honeynet and anomaly detection system offers a tradeoff between false ...
The Worm Propagation Model and Control Strategy Based on Distributed Honeynet
CSSE '08: Proceedings of the 2008 International Conference on Computer Science and Software Engineering - Volume 03

Considering honeypot host performs high inveiglement to worms and its data control policy--"come in easily, out strictly", this paper presents a worm propagation model based on two-factor model in the network which distributed honeynet have been ...
In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention
RIIT '16: Proceedings of the 5th Annual Conference on Research in Information Technology

A honeypot is a deception tool for enticing attackers to make efforts to compromise the electronic information systems of an organization. A honeypot can serve as an advanced security surveillance tool for use in minimizing the risks of attacks on ...

Comments

Information & Contributors

Information

Published In

SAC '05: Proceedings of the 2005 ACM symposium on Applied computing

March 2005

1814 pages

ISBN:1581139640

DOI:10.1145/1066677

Conference Chair:
Hisham M. Haddad
Kennesaw State University
,
Editor:
Lorie M. Liebrock
New Mexico Institute of Mining and Technology, Socorro, NM
,
Program Chairs:
Andrea Omicini
Alma Mater Studiorum, Universita di Bologna, Italy
,
Roger L. Wainwright
Univerity of Tulsa, OK

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 March 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SAC05

Sponsor:

SIGAPP

SAC05: The 2005 ACM Symposium on Applied Computing

March 13 - 17, 2005

New Mexico, Santa Fe

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Upcoming Conference

SAC '25

Sponsor:
sigapp

The 40th ACM/SIGAPP Symposium on Applied Computing

March 31 - April 4, 2025

Catania , Italy

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
1,125
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 31 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Studiawan HDjanali SPratomo B(2016)Graph-based Forensic Analysis of Web HoneypotJournal of Telecommunications and Information Technology10.26636/jtit.2016.2.7202:2016(60-65)Online publication date: 30-Jun-2016
https://doi.org/10.26636/jtit.2016.2.720
Adeyemi IRazak SAzhan N(2013)A Review of Current Research in Network Forensic AnalysisInternational Journal of Digital Crime and Forensics10.4018/jdcf.20130101015:1(1-26)Online publication date: 1-Jan-2013
https://doi.org/10.4018/jdcf.2013010101
(2011)Honeypots and Network ForensicsHoneypots10.1201/b10738-12(298-323)Online publication date: 4-May-2011
https://doi.org/10.1201/b10738-12
Sqalli MAlShaikh RAhmed E(2010)Towards Simulating a Virtual Distributed Honeynet at KFUPMProceedings of the 2010 Fourth UKSim European Symposium on Computer Modeling and Simulation10.1109/EMS.2010.58(316-321)Online publication date: 17-Nov-2010
https://dl.acm.org/doi/10.1109/EMS.2010.58
Grobler CLouwrens Cvon Solms S(2010)A Multi-component View of Digital Forensics2010 International Conference on Availability, Reliability and Security10.1109/ARES.2010.61(647-652)Online publication date: Feb-2010
https://doi.org/10.1109/ARES.2010.61

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Detecting and Defending against Worm Attacks Using Bot-honeynet

The Worm Propagation Model and Control Strategy Based on Distributed Honeynet

In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations