A Proposal for a New Way of Classifying Network Security Metrics: Study of the Information Collected through a Honeypot

Creators: Carrasco Muñoz, Alejandro; Ropero Rodríguez, Jorge; Ruiz de Clavijo Vázquez, Paulino; Benjumea Mondéjar, Jaime; Luque Sendra, Amalia

Others:: Universidad de Sevilla. Departamento de Tecnología Electrónica; Universidad de Sevilla. Departamento de Ingeniería del Diseño

Description

Nowadays, honeypots are a key tool to attract attackers and study their activity. They help us in the tasks of evaluating attacker's behaviour, discovering new types of attacks, and collecting information and statistics associated with them. However, the gathered data cannot be directly interpreted, but must be analyzed to obtain useful information. In this paper, we present a SSH honeypot-based system designed to simulate a vulnerable server. Thus, we propose an approach for the classification of metrics from the data collected by the honeypot along 19 months.

A Proposal for a New Way of Classifying Network Security Metrics: Study of the Information Collected through a Honeypot

Description

Additional details