Communications and Networking. 12th International Conference, ChinaCom 2017, Xi’an, China, October 10-12, 2017, Proceedings, Part II

Research Article

A Honeyfarm Data Control Mechanism and Forensic Study

Download
135 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-319-78139-6_37,
    author={Wei Yin and Hongjian Zhou and Chunlei Yang},
    title={A Honeyfarm Data Control Mechanism and Forensic Study},
    proceedings={Communications and Networking. 12th International Conference, ChinaCom 2017, Xi’an, China, October 10-12, 2017, Proceedings, Part II},
    proceedings_a={CHINACOM},
    year={2018},
    month={4},
    keywords={Honeyfarm Data control Forensic analysis},
    doi={10.1007/978-3-319-78139-6_37}
}
  • Wei Yin
    Hongjian Zhou
    Chunlei Yang
    Year: 2018
    A Honeyfarm Data Control Mechanism and Forensic Study
    CHINACOM
    Springer
    DOI: 10.1007/978-3-319-78139-6_37
Wei Yin1,*, Hongjian Zhou1, Chunlei Yang1
  • 1: North China Institute of Computing Technology
*Contact email: yinweihappy168@yahoo.com

Abstract

Honeyfarm is a model to deploy honeypots for global network attack monitoring, correlation and forensic analysis. Data control is a fundamental problem in the honeyfarm to protect the Internet from being attacked by compromised honeypots in the honeyfarm, while providing a controlled environment for worm behaviour study. However, this problem is not well addressed in a limited number of existing implementations. This paper presents a honeyfarm system and focuses on the design of a data control mechanism based on Intrusion detection and Data redirection (DOID). Comprehensive experiments including attack event tracing, worm behaviour study and forensic analysis display that DOID is a good tool for attack monitoring and forensic analysis.

Keywords
Honeyfarm Data control Forensic analysis
Published
2018-04-30
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-319-78139-6_37
Copyright © 2017–2023 EAI