E-Infrastuctures and E-Services for Developing Countries. Second International ICST Conference, AFRICOM 2010, Cape Town, South Africa, November 25-26, 2010, Revised Selected Papers

Research Article

Continent-Based Comparative Study of Internet Attacks

Download
374 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-23828-4_4,
        author={Idris Rai and Matsiko Perez},
        title={Continent-Based Comparative Study of Internet Attacks},
        proceedings={E-Infrastuctures and E-Services for Developing Countries. Second International ICST Conference, AFRICOM 2010, Cape Town, South Africa, November 25-26, 2010, Revised Selected Papers},
        proceedings_a={AFRICOMM},
        year={2012},
        month={5},
        keywords={Internet attacks threats honeypot sensor distributed honeypot systems SGNET},
        doi={10.1007/978-3-642-23828-4_4}
    }
    
  • Idris Rai
    Matsiko Perez
    Year: 2012
    Continent-Based Comparative Study of Internet Attacks
    AFRICOMM
    Springer
    DOI: 10.1007/978-3-642-23828-4_4
Idris Rai1,*, Matsiko Perez1,*
  • 1: Makerere University
*Contact email: rai@cit.mak.ac.ug, mushura.perez@gmail.com

Abstract

We have deployed a honeypot sensor node in Uganda that is connected to a distributed honeypot system managed by Leurrecom.org Honeypot project, which constitutes of a large number of different sensors distributed across different continents. Once joined the project, the system allows access to the whole dataset collected by all sensors in the distributed system. We use the data collected by the honeypot sensors for a period of six months to compare the attacks that have been detected by honeypot sensors in Africa to the attacks detected by sensors in other continents. Our findings reveals that sensor nodes in Africa experience a significant number of attacks. In some cases, the number of attacks for African sensor nodes is significantly higher than many sensors in developed countries. This shows that network attacks are independent of location and Internet popularity in a country. That is, low Internet penetration level in African countries does not mean that networks in Africa are safe from external attacks. In fact, the results further indicate that some attacks are highly likely guided against specific networks.