Thakar et al., 2005 - Google Patents
Honeyanalyzer–analysis and extraction of intrusion detection patterns & signatures using honeypot
Thakar et al., 2005
- Document ID
- 18113555806038386092
- Author
- Thakar U
- Varma S
- Ramani A
- Publication year
- Publication venue
- Proceedings of the Second International Conference on Innovations in Information Technology
Snippet
ABSTRACT A Honeypot is a security resource, which is intended to be attacked and compromised to gain more information about the attacker and his attack techniques. A honeypot can also indicate about how to perform forensics. The information gathered by …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Booij et al. | ToN_IoT: The role of heterogeneity and the need for standardization of features and attack types in IoT network intrusion data sets | |
Thakar et al. | Honeyanalyzer–analysis and extraction of intrusion detection patterns & signatures using honeypot | |
Wang et al. | A graph based approach toward network forensics analysis | |
Valeur et al. | Comprehensive approach to intrusion detection alert correlation | |
US20160191549A1 (en) | Rich metadata-based network security monitoring and analysis | |
Stergiopoulos et al. | Automatic detection of various malicious traffic using side channel features on TCP packets | |
Mualfah et al. | Network forensics for detecting flooding attack on web server | |
Ali et al. | Automated anomaly detector adaptation using adaptive threshold tuning | |
Ring et al. | A toolset for intrusion and insider threat detection | |
Hnamte et al. | An extensive survey on intrusion detection systems: Datasets and challenges for modern scenario | |
Venturi et al. | Practical evaluation of graph neural networks in network intrusion detection | |
Zekrifa | Hybrid Intrusion Detection System | |
Mahfouz et al. | Toward a holistic, efficient, stacking ensemble intrusion detection system using a real cloud-based dataset | |
Dagdee et al. | Intrusion attack pattern analysis and signature extraction for web services using honeypots | |
Gui et al. | A Principled Approach for Detecting APTs in Massive Networks via Multi-Stage Causal Analytics | |
Raheja et al. | Rule‐Based Approach for Botnet Behavior Analysis | |
Thakar et al. | Pattern analysis and signature extraction for intrusion attacks on web services | |
Balan et al. | A Machine Learning Approach for Network Traffic Analysis using Random Forest Regression. | |
CN113596037A (en) | APT attack detection method based on event relation directed graph in network full flow | |
Ersson et al. | Botnet detection with event-driven analysis | |
Felix et al. | Framework for Analyzing Intruder Behavior of IoT Cyber Attacks Based on Network Forensics by Deploying Honeypot Technology | |
Rafique et al. | Xminer: Nip the zero day exploits in the bud | |
US20240380761A1 (en) | Machine learning based approach to detect stealthy command and control network communications | |
Hubballi et al. | Event Log Analysis and Correlation: A Digital Forensic Perspective | |
Singh et al. | Intrusion Detection System Based on Real Time Rule Accession and Honeypot |