Understanding threats

A prerequisite to enhance survivability of computing systems

F. Pouget, Marc Dacier, V. H. Pham

Research output: Contribution to journal › Article

1 Citation (Scopus)

Abstract

This paper shows the usefulness of using simple honeypots to obtain data for a better understanding of some internet attack processes. The acquired knowledge can then be used to drive sound security design decisions in order to improve the ability of our systems to resist attacks. Based on three years of collected data, we provide in this paper a critical review of geographical information provided by NetGeo, a study of the aftermath of the Deloder worm and a refined analysis of the interaction between machines devoted to scan and to attack.

Original language: English
Pages (from-to): 153-171
Number of pages: 19
Journal: International Journal of Critical Infrastructures
Volume: 4
Issue number: 1-2
DOI: 10.1504/IJCIS.2008.016098
Publication status: Published - 2008
Externally published: Yes

Keywords

  • Data analysis
  • Forensics
  • Honeypots
  • Internet attacks

ASJC Scopus subject areas

  • Engineering (miscellaneous)
  • Modelling and Simulation
  • Safety, Risk, Reliability and Quality

Cite this

Understanding threats : A prerequisite to enhance survivability of computing systems. / Pouget, F.; Dacier, Marc; Pham, V. H.

In: International Journal of Critical Infrastructures, Vol. 4, No. 1-2, 2008, p. 153-171.

@article{db812ea093484798b847e805ca7a5209,
title = "Understanding threats: A prerequisite to enhance survivability of computing systems",
abstract = "This paper shows the usefulness of using simple honeypots to obtain data for a better understanding of some internet attack processes. The acquired knowledge can then be used to drive sound security design decisions in order to improve the ability of our systems to resist to attacks. Based on three years of collected data, we provide in this paper a critical review of geographical information provided by NetGeo, a study of the aftermath of the Deloder worm and a refined analysis of the interaction between machines devoted to scan and to attack.",
keywords = "Data analysis, Forensics, Honeypots, Internet attacks",
author = "F. Pouget and Marc Dacier and Pham, {V. H.}",
year = "2008",
doi = "10.1504/IJCIS.2008.016098",
language = "English",
volume = "4",
pages = "153--171",
journal = "International Journal of Critical Infrastructures",
issn = "1475-3219",
publisher = "Inderscience Enterprises Ltd",
number = "1-2",

}

TY - JOUR
T1 - Understanding threats
T2 - A prerequisite to enhance survivability of computing systems
AU - Pouget, F.
AU - Dacier, Marc
AU - Pham, V. H.
PY - 2008
Y1 - 2008
N2 - This paper shows the usefulness of using simple honeypots to obtain data for a better understanding of some internet attack processes. The acquired knowledge can then be used to drive sound security design decisions in order to improve the ability of our systems to resist to attacks. Based on three years of collected data, we provide in this paper a critical review of geographical information provided by NetGeo, a study of the aftermath of the Deloder worm and a refined analysis of the interaction between machines devoted to scan and to attack.
AB - This paper shows the usefulness of using simple honeypots to obtain data for a better understanding of some internet attack processes. The acquired knowledge can then be used to drive sound security design decisions in order to improve the ability of our systems to resist to attacks. Based on three years of collected data, we provide in this paper a critical review of geographical information provided by NetGeo, a study of the aftermath of the Deloder worm and a refined analysis of the interaction between machines devoted to scan and to attack.
KW - Data analysis
KW - Forensics
KW - Honeypots
KW - Internet attacks
UR - http://www.scopus.com/inward/record.url?scp=37849016863&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=37849016863&partnerID=8YFLogxK
U2 - 10.1504/IJCIS.2008.016098
DO - 10.1504/IJCIS.2008.016098
M3 - Article
VL - 4
SP - 153
EP - 171
JO - International Journal of Critical Infrastructures
JF - International Journal of Critical Infrastructures
SN - 1475-3219
IS - 1-2
ER -