International Journal of Computer Networks and Applications (IJCNA)

Published By EverScience Publications

ISSN : 2395-0455

International Journal of Computer Networks and Applications (IJCNA)

International Journal of Computer Networks and Applications (IJCNA)

Published By EverScience Publications

ISSN : 2395-0455

A Survey on Potential Applications of Honeypot Technology in Intrusion Detection Systems

Author NameAuthor Details

Muhammet Baykara, Resul Das

Muhammet Baykara[1]

Resul Das[2]

[1]Software Engineering Department, Firat University, Elazig, Turkey.

[2]Software Engineering Department, Firat University, Elazig, Turkey.

Abstract

Information security in the sense of personal and institutional has become a top priority in digitalized modern world in parallel to the new technological developments. Many methods, tools and technologies are used to provide the information security of IT systems. These are considered, encryption, authentication, firewall, and intrusion detection and prevention systems. Moreover, honeypot systems are proposed as complementary structures. This paper presents the overall view of the publications in IDS, IPS and honeypot systems. Recently, honeypot systems are anymore used in connection with intrusion detection systems. So this paper describes possible implementation of honeypot technologies combined with IDS/IPS in a network. Studies in the literature have shown intrusion detection systems cannot find the 0-day vulnerabilities. The system provided by the honeypots and intrusion detection systems in the network, might detect new exploit and hacker attempt.

Index Terms

Information security

Intrusion detection system (IDS)

Intrusion prevention system (IPS)

Honeypot

Network Security

Reference

  1. 1.
    Fussell, R.S., "Protecting information security availability via self-adapting intelligent agents," Military Communications Conference, 2005. MILCOM 2005. IEEE, vol., no., pp.2977-2982 Vol. 5, 17-20 Oct. 2005.
  2. 2.
    Tekerek M., “Bilgi Güvenliği Yönetimi”, KSÜ Fen ve Mühendislik Dergisi 11(1), s. 132, 2008.
  3. 3.
    Marcinkowski, S.J.; Stanton, J.M., “Motivational aspects of information security policies”, IEEE International Conference on Systems, Man and Cybernetics, vol.3, pp.2527-2532 vol.3, 5-8 Oct. 2003.
  4. 4.
    Campbell, S., "Supporting digital signatures in mobile environments," Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003. WET ICE 2003. Proceedings. , vol., no., pp.238-242, 9-11 June 2003.
  5. 5.
    Karaarslan, E., Teke A., Şengonca H., "Bilgisayar Ağlarında Güvenlik Politikalarının Uygulanması." Akademik Bilişim Konferansı, Çukurova Üniversitesi, 1s, 2003.
  6. 6.
    Can, O.; Sahingoz, O.K., "A survey of intrusion detection systems in wireless sensor networks", 6th International Conference on in Modeling, Simulation, and Applied Optimization (ICMSAO), pp.1-6, 27-29 May 2015.
  7. 7.
    Bashir, U.; Chachoo, M., "Intrusion detection and prevention system: Challenges & opportunities", International Conference on Computing for Sustainable Global Development (INDIA Com), pp.806-809, 5-7 March 2014.
  8. 8.
    Benmoussa, H.; El Kalam, A.A.; Ouahman, A.A., "Towards a new intelligent generation of intrusion detection system", Proceedings of the 4th Edition of National Security Days (JNS4), pp.1-5, 12-13 May 2014.
  9. 9.
    Malanik D., Kouril L., “Honeypot as the Intruder Detection System”, In Proceedings of the 17th WSEAS International Conference on Computer, Kos(GR), pp. 96-101, 2013.
  10. 10.
    Gökırmak Y., Bektaş O., Soysal M., Yiğit S., “Sanal IPv6 Balküpü Ağı Altyapısı: Kovan”, Ulusal IPv6 Konferansı, 2011.
  11. 11.
    Gökırmak Y., Yüce E., Bektaş O., Soysal M., Orcan S., “IPv6 Balküpü Tasarımı”, Tübitak Ulakbim, Ankara, 2011.
  12. 12.
    Riboldi Jordao da Silva Vargas, I.; Kleinschmidt, J.H., "Capture and Analysis of Malicious Traffic in VoIP Environments Using a Low Interaction Honeypot," Latin America Transactions, IEEE (Revista IEEE America Latina), vol.13, no.3, pp.777-783, March 2015.
  13. 13.
    Shukla, R.; Singh, M., "PythonHoneyMonkey: Detecting malicious web URLs on client side honeypot systems," 3rd International Conference on Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions), vol., no., pp.1-5, 8-10 Oct. 2014.
  14. 14.
    Koniaris, I.; Papadimitriou, G.; Nicopolitidis, P.; Obaidat, M., "Honeypots deployment for the analysis and visualization of malware activity and malicious connections", IEEE International Conference on Communications (ICC), vol., no., pp.1819-1824, 10-14 June 2014.
  15. 15.
    Song Li; Qian Zou; Wei Huang, "A new type of intrusion prevention system, "International Conference on Information Science, Electronics and Electrical Engineering (ISEEE), vol.1, no., pp.361-364, 26-28 April 2014.
  16. 16.
    Chawda, K.; Patel, A.D., "Dynamic & hybrid honeypot model for scalable network monitoring," International Conference on Information Communication and Embedded Systems (ICICES), vol., no., pp.1-5, 27-28 Feb. 2014.
  17. 17.
    Xiangfeng Suo; Xue Han; Yunhui Gao, "Research on the application of honeypot technology in intrusion detection system," IEEE Workshop on Advanced Research and Technology in Industry Applications (WARTIA), vol., no., pp.1030-1032, 29-30 Sept. 2014.
  18. 18.
    Paul, S.; Mishra, B.K., "Honeypot based signature generation for defense against polymorphic worm attacks in networks," IEEE 3rd International Advance Computing Conference (IACC), vol., no., pp.159-163, 22-23 Feb. 2013.
  19. 19.
    Beham, M.; Vlad, M.; Reiser, H.P., "Intrusion detection and honeypots in nested virtualization environments,"), 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN, vol., no., pp.1-6, 24-27 June 2013.
  20. 20.
    Liu Dongxia; Zhang Yongbo, "An Intrusion Detection System Based on Honeypot Technology," International Conference on Computer Science and Electronics Engineering (ICCSEE), vol.1, no., pp.451-454, 23-25 March 2012.
  21. 21.
    Pomsathit, A., "Effective of Unicast and Multicast IP Address Attack over Intrusion Detection System with Honeypot," Congress on Engineering and Technology (S-CET), vol., no., pp.1-4, 27-30 May 2012.
  22. 22.
    Jiang Zhen; Zhenxiang Liu, "New honeypot system and its application in security of employment network," IEEE Symposium on Robotics and Applications (ISRA), vol., no., pp.627-629, 3-5 June 2012.
  23. 23.
    Akiyama, M.; Kawakoya, Y.; Hariu, T., "Scalable and Performance-Efficient Client Honeypot on High Interaction System," IEEE/IPSJ 12th International Symposium on Applications and the Internet (SAINT), vol., no., pp.40-50, 16-20 July 2012.
  24. 24.
    Fanfara, P.; Dufala, M.; Chovancova, E., "Usage of proposed autonomous hybrid honeypot for distributed heterogeneous computer systems in education process," IEEE 11th International Conference on Emerging eLearning Technologies and Applications (ICETA), vol., no., pp.83-88, 24-25 Oct. 2013.
  25. 25.
    Markert, J.; Massoth, M., "Honeypot Effectiveness in Different Categories of Attacks on Wireless Sensor Networks,"25th International Workshop on Database and Expert Systems Applications (DEXA), vol., no., pp.331-335, 1-5 Sept. 2014.
  26. 26.
    Musca, C.; Mirica, E.; Deaconescu, R., "Detecting and Analyzing Zero-Day Attacks Using Honeypots," 19th International Conference on Control Systems and Computer Science (CSCS), vol., no., pp.543-548, 29-31 May 2013.
  27. 27.
    Sadasivam, G.K.; Hota, C., "Scalable Honeypot Architecture for Identifying Malicious Network Activities," International Conference on Emerging Information Technology and Engineering Solutions (EITES), vol., no., pp.27-31, 20-21 Feb., 2015.
  28. 28.
    Djanali, S.; Arunanto, F.X.; Pratomo, B.A.; Baihaqi, A.; Studiawan, H.; Shiddiqi, A.M., "Aggressive web application honeypot for exposing attacker's identity,"1st International Conference on Information Technology, Computer and Electrical Engineering (ICITACEE), vol., no., pp.212-216, 8-8 Nov., 2014.
  29. 29.
    Haltas, F.; Uzun, E.; Siseci, N.; Posul, A.; Emre, B., "An automated bot detection system through honeypots for large-scale," 6th International Conference on Cyber Conflict (CyCon 2014), vol., no., pp.255-270, 3-6 June 2014.
  30. 30.
    Puska, A.; Nogueira, M.; Santos, A., "Unwanted traffic characterization on IP networks by low interactive honeypot," 10th International Conference on Network and Service Management (CNSM), vol., no., pp.284-287, 17-21 Nov. 2014.
  31. 31.
    Dali, Loubna; Bentajer, Ahmed; Abdelmajid, Elmoutaoukkil; Abouelmehdi, Karim; Elsayed, Hoda; Fatiha, Eladnani; Abderahim, Benihssane, "A survey of intrusion detection system," 2nd World Symposium on Web Applications and Networking (WSWAN), pp.1-6, 21-23 March 2015.
  32. 32.
    Butun, I.; Morgera, S.D.; Sankar, R., "A Survey of Intrusion Detection Systems in Wireless Sensor Networks", IEEE Communications Surveys & Tutorials, no.1, pp.266-282, First Quarter 2014.
  33. 33.
    Torrano-Giménez, C., Perez-Villegas, A., and Álvarez Marañón, G., "An anomaly-based approach for intrusion detection in web traffic" Internet: http://digital.csic.es/bitstream/10261/40544/1/ARTICULOS315428%5B1%5D.pdf (2010).
  34. 34.
    Gennaro Della V., Massimo E., “A Knowledge-Based Approach for Detecting Misuses in RFID Systems”, Designing and Deploying RFID Applications, Dr. Cristina Turcu (Ed.), ISBN: 978-953-307-265-4, InTech, DOI: 10.5772/17535. Available from: http://www.intechopen.com/books/designing-and-deploying-rfid-applications/a-knowledge-based-approach-for-detecting-misuses-in-rfid-systems.
  35. 35.
    Demirol, D., Daş, R., Baykara, M., “SQL Enjeksiyon Saldırı Uygulaması ve Güvenlik Önerileri”, 1st International Symposium on Digital Forensics and Security (1. Uluslararası Adli Bilişim ve Güvenlik Sempozyumu)”, 62-66, 20-21 Mayıs 2013, Elazığ - Turkey.
  36. 36.
    Karadoğan, İ., Daş, R., Baykara, M., “Scapy ile Ağ Paket Manipülasyonu”, 1st International Symposium on Digital Forensics and Security (1. Uluslararası Adli Bilişim ve Güvenlik Sempozyumu)”, 196-201, 20-21 Mayıs 2013, Firat University, Elazığ - Turkey.
  37. 37.
    Baykara, M., Daş, R., Karadogan, İ., “Bilgi Güvenliği Sistemlerinde Kullanılan Araçların İncelenmesi”, 1st International Symposium on Digital Forensics and Security (1. Uluslararası Adli Bilişim ve Güvenlik Sempozyumu)”, 231-239, 20-21 Mayıs 2013, Firat University, Elazığ - Turkey.
  38. 38.
    Gündüz, M.Z., Daş, R., "Yerel Alan Ağları İçin IP Tabanlı Saldırı Tespit Uygulaması ve Güvenlik Önerileri", 6. Uluslararası Bilgi Güvenliği ve Kriptoloji Konferansı (6th International Conference on Information Security and Cryptology - ISCTURKEY 2013), pp.302-307, 20-21 Eylül 2013, ODTÜ, Ankara.
  39. 39.
    Gündüz, M.Z., Daş, R., "Kablosuz Yerel Alan Ağlarına Sızma Uygulaması ve Temel Güvenlik Önerileri", 7. Uluslararası Bilgi Güvenliği ve Kriptoloji Konferansı (7th International Conference on Information Security and Cryptology - ISCTURKEY 2014), pp.295-300, 17-18 Ekim 2014, İstanbul Teknik Üniversitesi, İstanbul.
  40. 40.
    Bürhan, Y., Daş, R., Baykara, M., "Sosyal Ağ Ortamlarında Karşılaşılan Tehditlerin Analizi", The Third International Symposium on Digital Forensics and Security (ISDFS 2015), pp.194-200, 11-12 May, 2015, Gazi University, ANKARA.
IJCNA NPC