Detail publikačního výsledku

Behavioral signature generation using shadow honeypot

BARABAS, M.; DROZD, M.; HANÁČEK, P.

Original Title

English Title

Behavioral signature generation using shadow honeypot

Type

Peer-reviewed article not indexed in WoS or Scopus

Original Abstract

The main goal is to present new method of detection zero-day buffer overflow vulnerabilities. This method is based on signature generation from network traffic. We provide the detection model that generates detection profiles by honeypot systems. In this article we show 112 metrics that will be used for malware characterization in network traffic and we show the use of this method on two examples: abused buffer overflow vulnerability in FTP server and use of public known internet worm - Conficker.

English abstract

Keywords

behavioral signatures, metrics, network, security design

Key words in English

behavioral signatures, metrics, network, security design

Authors

BARABAS, M.; DROZD, M.; HANÁČEK, P.

RIV year

2013

Released

30.05.2012

ISBN

2010-376X

Periodical

World Academy of Science, Engineering and Technology

Volume

2012

Number

State

Republic of Indonesia

Pages from

829

Pages to

833

Pages count

URL

http://www.waset.org/journals/waset/v65/v65-163.pdf

Full text in the Digital Library

http://hdl.handle.net/

BibTex

@article{BUT96920,
  author="Maroš {Barabas} and Michal {Drozd} and Petr {Hanáček}",
  title="Behavioral signature generation using shadow honeypot",
  journal="World Academy of Science, Engineering and Technology",
  year="2012",
  volume="2012",
  number="65",
  pages="829--833",
  issn="2010-376X",
  url="http://www.waset.org/journals/waset/v65/v65-163.pdf"
}

Documents

ICCNSS_2012

VUT

Faculties

University Institutes

Parts

Behavioral signature generation using shadow honeypot