| 题名: |
DISTRIBUTED LOW-INTERACTION HONEYPOT SYSTEM TO DETECT BOTNETS |
| 作者: |
Ahmad Jakalan,龚俭,刘尚东 |
| 杂志/会议: |
ASME Press |
| 卷、期、页码: |
ISBN: 9780791859735, DOI: 10.1115/1.859735.paper66 |
| 时间: |
2011-06 |
| 关键词: |
Network security, Botnet detection, Honeypot, Nepenthes |
| 摘要: |
The objective of this research is to detect the existence of botnets in the monitored network by designing a distributed low-interaction honeypot, and to provide clues from the detection for the threat evaluation by botnets propagation estimation. A distributed framework of nepenthes honeypots is built to collect as more as possible malware samples. These samples are analyzed firstly by features via antivirus scan, then by behavior via two online sandboxes. The configuration of Nepenthes is optimized to improve the capture efficiency. |
| 索引: |
ISTP:WOS:000320340300066 |
|
全文链接
导出
|