Advertisement

Detecting Malwares in Honeynet Using a Multi-agent System

  • Michał Szczepanik
  • Ireneusz Jóźwiak
Part of the Communications in Computer and Information Science book series (CCIS, volume 88)

Abstract

The importance of network security is rapidly increasing as more and more business is conducted via these systems. The proposed honeynet system can be used to detect bots or malware based on the evaluation of events occurring within a computer network. A honeypot is a trap set to detect, deflect or in some manner counteract attempts at unauthorized access to information systems. A honeynet (a network consisting of 2 or more honeypots) is used for surveillance of larger or more diverse networks for which one honeypot may not be sufficient. The detection algorithms of these systems are based on signatures derived from the analysis of various types of malicious software. The proposed honeynet system is a combination of a post intrusion detection system and a files analyzer. It has been implemented using multi-agent technology.

Keywords

honeypot honeynet computer forensics malware 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Piotrowski, M.: The protection of computer networks through technology honeypot (2007) (in Polish)Google Scholar
  2. 2.
    Rush, M., Orebaugh, A., Clark, G., Pinkard, B., Babbin, J.: Intrusion Prevention and Active Response - Deploying Network and Host IPS (2005)Google Scholar
  3. 3.
    Erickson, J.: Hacking: The Art of Exploitation (2008)Google Scholar
  4. 4.
    Holz, T., Dornseif, M.: Hands on Honeypot Technology, Black Hat 2005 (2005), http://blackhat.com
  5. 5.
    Yang, G., Rong, C., Dai, Y.: A Distributed Honeypot System for Grid Security. In: Li, M., Sun, X.-H., Deng, Q.-n., Ni, J. (eds.) GCC 2003. LNCS, vol. 3032, pp. 1083–1086. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Barford, P., Chen, Y., Li Goyal, Z.: Employing Honeynets For Network Situational Awareness (2010)Google Scholar
  7. 7.
    Tang, H., Zhu, B., Ren, K.: A New Approach to Malware Detection. In: Park, J.H., et al. (eds.) ISA 2009. LNCS, vol. 5576, pp. 229–238. Springer, Heidelberg (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Michał Szczepanik
    • 1
  • Ireneusz Jóźwiak
    • 1
  1. 1.Institute of InformaticsWrocław University of TechnologyPoland

Personalised recommendations