Authentication via keystroke dynamics
Proceedings of the 4th ACM conference on Computer and communications security
ELIZA—a computer program for the study of natural language communication between man and machine
Communications of the ACM
A guided tour to approximate string matching
ACM Computing Surveys (CSUR)
Honeypots: Tracking Hackers
Introduction to Reinforcement Learning
Introduction to Reinforcement Learning
Recent Advances in Hierarchical Reinforcement Learning
Discrete Event Dynamic Systems
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
Embedding an SQL database with SQLite
Linux Journal
Pessimal Print: A Reverse Turing Test
ICDAR '01 Proceedings of the Sixth International Conference on Document Analysis and Recognition
Kernel korner: intro to inotify
Linux Journal
Lessons learned from the deployment of a high-interaction honeypot
EDCC '06 Proceedings of the Sixth European Dependable Computing Conference
Bash Cookbook: Solutions and Examples for Bash Users (Cookbooks (O'Reilly))
Bash Cookbook: Solutions and Examples for Bash Users (Cookbooks (O'Reilly))
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Profiling Attacker Behavior Following SSH Compromises
DSN '07 Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
The ghost in the browser analysis of web-based malware
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
IEEE Security and Privacy
Reinforcement learning: a survey
Journal of Artificial Intelligence Research
Self Adaptive High Interaction Honeypots Driven by Game Theory
SSS '09 Proceedings of the 11th International Symposium on Stabilization, Safety, and Security of Distributed Systems
The Journal of Machine Learning Research
"Out-of-the-Box" monitoring of VM-based high-interaction honeypots
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
A reinforcement learning approach for host-based intrusion detection using sequences of system calls
ICIC'05 Proceedings of the 2005 international conference on Advances in Intelligent Computing - Volume Part I
A pointillist approach for comparing honeypots
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Towards automatic learning of valid services for honeypots
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
The nepenthes platform: an efficient approach to collect malware
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
| Hi-index | 0.00 |
In this article we describe a new paradigm for adaptive honeypots that are capable of learning from their interaction with attackers. The main objective of such honeypots is to get as much information as possible about the profile of an intruder, while decoying their true nature and goals. We have leveraged machine learning techniques for this task and have developed a honeypot that uses a variant of reinforcement learning in order to learn the best behavior when facing attackers. The honeypot is capable of adopting behavioral strategies that vary from blocking commands, returning erroneous messages right up to insults that aim to irritate the intruder and serve as reverse Turing Test. Our preliminary experimental results show that behavioral strategies are dependent on contextual parameters and can serve as advanced building blocks for intelligent honeypots.