Detail publikace

Behavioral signature generation using shadow honeypot

BARABAS, M. DROZD, M. HANÁČEK, P.

Originální název

Behavioral signature generation using shadow honeypot

Typ

článek v časopise - ostatní, Jost

Jazyk

angličtina

Originální abstrakt

The main goal is to present new method of detection zero-day buffer overflow vulnerabilities. This method is based on signature generation from network traffic. We provide the detection model that generates detection profiles by honeypot systems. In this article we show 112 metrics that will be used for malware characterization in network traffic and we show the use of this method on two examples: abused buffer overflow vulnerability in FTP server and use of public known internet worm - Conficker.

Klíčová slova

behavioral signatures, metrics, network, security design

Autoři

BARABAS, M.; DROZD, M.; HANÁČEK, P.

Rok RIV

2012

Vydáno

30. 5. 2012

ISSN

2010-376X

Periodikum

World Academy of Science, Engineering and Technology

Ročník

2012

Číslo

65

Stát

Indonéská republika

Strany od

829

Strany do

833

Strany počet

5

URL

http://www.waset.org/journals/waset/v65/v65-163.pdf

BibTex

@article{BUT96920,
  author="Maroš {Barabas} and Michal {Drozd} and Petr {Hanáček}",
  title="Behavioral signature generation using shadow honeypot",
  journal="World Academy of Science, Engineering and Technology",
  year="2012",
  volume="2012",
  number="65",
  pages="829--833",
  issn="2010-376X",
  url="http://www.waset.org/journals/waset/v65/v65-163.pdf"
}