Friday, April 23, 2010

HONEYPOTS FOR NETWORK SECURITY

Abstract:

For every consumer and business that is on the Internet, viruses, worms and crackers are a few security threats. There are the obvious tools that aid information security professionals against these problems such as anti-virus software, firewalls and intrusion detection systems, but these systems can only react to or prevent attacks-they cannot give us information about the attacker, the tools used or even the methods employed. Given all of these security questions, honeypots are a novel approach to network security and security research alike.

A honeypot is used in the area of computer and Internet security. It is a resource, which is intended to be attacked and compromised to gain more information about the attacker and the used tools. It can also be deployed to attract and divert an attacker from their real targets. Compared to an intrusion detection system, honeypots have the big advantage that they do not generate false alerts as each observed traffic is suspicious, because no productive components are running on the system. This fact enables the system to log every byte that flows through the network to and from the honeypot, and to correlate this data with other sources to draw a picture of an attack and the attacker.

This paper will first give an introduction to honeypots-the types and uses. We will then look at the nuts and bolts of honeypots and how to put them together. Finally we shall conclude by looking at what the future holds for the honeypots and honeynets


No comments:

Post a Comment