An evaluation of connection characteristics for separating network attacks
International Journal of Security and Networks
| Hi-index | 0.00 |
In this paper, we describe the development of J-Honeypot,a Java-based network deception tool witha web-based monitoring interface and a rule-basedintrusion detection engine. Our J-Honeypot is basedon the Honeyd program by Niels Provos, butfeatures important enhancements. First, since J-Honeypotis written in Java, it can potentially runon various platforms, windows or UNIX,workstations or handheld devices. Second, J-Honeypothas a rule-based intrusion detectionengine, whose design is guided by the analysis ofreal world attack data. The attack data wascollected by opening up our J-Honeypot to solicitpossible attacks. Third, J-Honeypot includes a web-basedmonitoring tool that is easily accessible andcan help network administrators better understandnetwork traffic and possible attacks.