Honeycomb - Creating Intrusion Detection Signatures Using Honeypots :IT Library : ZDNet Asia

Vendor : University of Cambridge

View this now!

Email   E-mail this page

  Related Content

  Remember this item

Format: PDF

Date: 01/01/2008

Honeycomb - Creating Intrusion Detection Signatures Using Honeypots

0

0 votes

Overview

This paper describes a system for automated generation of attack signatures for network intrusion detection systems. The system applies pattern-matching techniques and protocol conformance checks on multiple levels in the protocol hierarchy to network traffic captured a honeypot system. This paper presents results of running the system on an unprotected cable modem connection for 24 hours. The system successfully created precise traffic signatures that otherwise would have required the skills and time of a security officer to inspect the traffic manually.

See also: Security Tools, Intrusion Detection Systems

Related whitepapers

Oracle Technology Solutions for Midsize Businesses
Find out more about Oracle's Vision for an Enterprise Performance Management System

Compare your IT salary
Sign-up for free download of IT salary benchmark report 2008.

Industry Report: Financial Services

Banking on the tech asset

More from CNET Networks Asia Pacific

CNET Networks International Sites

Security

Featured Whitepapers

Member Login

Honeycomb - Creating Intrusion Detection Signatures Using Honeypots

0

Related whitepapers

Industry Report: Financial Services