Automating the analysis of honeypot data

Olivier Thonnard, Jouni Viinikka, Corrado Leita, Marc Dacier

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

We describe the on-going work towards further automating the analysis of data generated by a large honeynet architecture called Leurre.com and SGNET. The underlying motivation is helping us to integrate the use of honeypot data into daily network security monitoring. We propose a system based on two automated steps: i) the detection of relevant attack events within a large honeynet traffic data set, and ii) the extraction of highly similar events based on temporal correlation.

Original language: English
Title of host publication: Recent Advances in Intrusion Detection - 11th International Symposium, RAID 2008, Proceedings
Pages: 406-407
Number of pages: 2
Publication status: Published - 27 Nov 2008
Event: Recent Advances in Intrusion Detection - 11th International Symposium, RAID 2008, Proceedings - Cambridge, MA, United States
Duration: 15 Sep 2008 to 17 Sep 2008

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 5230 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: Recent Advances in Intrusion Detection - 11th International Symposium, RAID 2008, Proceedings
Country: United States
City: Cambridge, MA
Period: 15/9/08 to 17/9/08

Keywords

  • Honeypots
  • Internet threats analysis
  • Malicious behavior characterization

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

Cite this

Thonnard, O., Viinikka, J., Leita, C., & Dacier, M. (2008). Automating the analysis of honeypot data. In Recent Advances in Intrusion Detection - 11th International Symposium, RAID 2008, Proceedings (pp. 406-407). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5230 LNCS). https://doi.org/10.1007/978-3-540-87403-4_29