Assessing security risk to a network using a statistical model of attacker community competence
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
| Hi-index | 0.00 |
This paper presents a summary of university research performed on honeypot techniques and summarizes the results Honeypots are computing resources that serve no other purpose on a network than to be a target for attackers, and log data about the attacks. Low-interaction and high-interaction honeypots were implemented and deployed on a university network, and data was logged and analyzed about attacks that occurred during the honeypots' deployment. Current efforts in the "black hat" attacker community focusing on detecting and subverting honeypots are discussed, and recommendations are made to improve the usage of honeypots as an attack profiling tool by improving the control measures that make a honeypot easy to detect.