期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2018
卷号:18
期号:6
页码:8-19
出版社:International Journal of Computer Science and Network Security
摘要:Data control for the honeyfarm should protect the Internet from being attacked by compromised honeypots in the honeyfarm, while providing a controlled environment for malware behavior study. This paper presents such a honeyfarm and focuses on the design of a Data cOntrol mechanism based on Intrusion detection and Data redirection (DOID). The horizontal port scanning problem and DDoS attack problem are addressed in the proposed honeyfarm. Comprehensive experiments including attack event tracing, worm behavior study, forensic analysis, DDoS monitoring and performance evaluation display that DOID is an effective tool for attack monitoring and forensic analysis, with minimal overhead.
关键词:;;;; ;;;;;; Data Control; Honeyfarm; honeynet; forensic analysis
