Research Article
Continent-Based Comparative Study of Internet Attacks
@INPROCEEDINGS{10.1007/978-3-642-23828-4_4, author={Idris Rai and Matsiko Perez}, title={Continent-Based Comparative Study of Internet Attacks}, proceedings={E-Infrastuctures and E-Services for Developing Countries. Second International ICST Conference, AFRICOM 2010, Cape Town, South Africa, November 25-26, 2010, Revised Selected Papers}, proceedings_a={AFRICOMM}, year={2012}, month={5}, keywords={Internet attacks threats honeypot sensor distributed honeypot systems SGNET}, doi={10.1007/978-3-642-23828-4_4} }
- Idris Rai
Matsiko Perez
Year: 2012
Continent-Based Comparative Study of Internet Attacks
AFRICOMM
Springer
DOI: 10.1007/978-3-642-23828-4_4
Abstract
We have deployed a honeypot sensor node in Uganda that is connected to a distributed honeypot system managed by Leurrecom.org Honeypot project, which constitutes of a large number of different sensors distributed across different continents. Once joined the project, the system allows access to the whole dataset collected by all sensors in the distributed system. We use the data collected by the honeypot sensors for a period of six months to compare the attacks that have been detected by honeypot sensors in Africa to the attacks detected by sensors in other continents. Our findings reveals that sensor nodes in Africa experience a significant number of attacks. In some cases, the number of attacks for African sensor nodes is significantly higher than many sensors in developed countries. This shows that network attacks are independent of location and Internet popularity in a country. That is, low Internet penetration level in African countries does not mean that networks in Africa are safe from external attacks. In fact, the results further indicate that some attacks are highly likely guided against specific networks.