A honeypot system with honeyword-driven fake interactive sessions

Catuogno, Luigi; Castiglione, Aniello; Palmieri, Francesco

doi:10.1109/hpcsim.2015.7237039

Cited by 20 publications

(16 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Hence, if ( ) , then the authentication succeeds, and the honeychecker will send back its "approval", whilst otherwise an alarm is triggered, as the password file has probably been attacked. Table I illustrates the related notation [14].…”

Section: Review Of Honeywordsmentioning

confidence: 99%

Achieving Flatness: Honeywords Generation Method for Passwords based on user behaviours

Akif¹,

Sabeeh²,

Rodgers³

et al. 2019

ijacsa

View full text Add to dashboard Cite

Honeywords (decoy passwords) have been proposed to detect attacks against hashed password databases. For each user account, the original password is stored with many honeywords in order to thwart any adversary. The honeywords are selected deliberately such that a cyber-attacker who steals a file of hashed passwords cannot be sure, if it is the real password or a honeyword for any account. Moreover, entering with a honeyword to login will trigger an alarm notifying the administrator about a password file breach. At the expense of increasing the storage requirement by 24 times, the authors introduce a simple and effective solution to the detection of password file disclosure events. In this study, we scrutinise the honeyword system and highlight possible weak points. Also, we suggest an alternative approach that selects the honeywords from existing user information, a generic password list, dictionary attack, and by shuffling the characters. Four sets of honeywords are added to the system that resembles the real passwords, thereby achieving an extremely flat honeywords generation method. To measure the human behaviours in relation to trying to crack the password, a testbed engaged with by 820 people was created to determine the appropriate words for the traditional and proposed methods. The results show that under the new method it is harder to obtain any indication of the real password (high flatness) when compared with traditional approaches and the probability of choosing the real password is 1/k, where k = number of honeywords plus the real password.

show abstract

Section: Review Of Honeywordsmentioning

confidence: 99%

Achieving Flatness: Honeywords Generation Method for Passwords based on user behaviours

Akif¹,

Sabeeh²,

Rodgers³

et al. 2019

ijacsa

View full text Add to dashboard Cite

show abstract

“…Dimana port knocking dapat mengontrol layanan port terbuka dan port tertutup [1]. Selain menggunakan metode port knocking dibutuhkan honeypot untuk mengalihkan attacker kedalam server tiruan dan mendeteksi serangan apa saja yang dilakukan oleh attacker/intruder pada server [2]. Pada penelitian sebelumnya port knocking belum dikombinasikan dengan honeypot, port knocking hanya digunakan untuk menyembunyikan port, dan dapat berjalan dengan baik pada Virtual Debian Versi 6.0.1 [3].…”

Section: Pendahuluanunclassified

Port Knocking Dan Honeypot Sebagai Keamanan Jaringan Pada Server Ubuntu Virtual

Wilman

Fitri

Nathasia

2018

JIMP

View full text Add to dashboard Cite

Sistem keamanan terhadap akses data harus ditingkatkan seiring dengan perkembangan teknologi dan organisasi maka organisasi tersebut harus semakin waspada terhadap orang-orang yang tidak bertanggung jawab dan tidak memiliki hak akses tentang data rahasia perusahaan yang ada pada server. Server merupakan suatu wadah utama untuk datadata penting suatu organisasi. Server Virtual dengan OS Linux sangat disarankan bagi pemula, karena mudah untuk dipelajari karena server bersifat krusial, maka server perlu diberikan suatu keamanan untuk melindungi data-data atau memblokir jalan dari intruder (penyusup) menuju server dengan cara member lebih dari satu metode keamanan yang berbeda untuk mengelabuhi intruder. Keamanan jaringan port knocking merupakan metode untuk menutup dan membuka port tertentu yang diamankan oleh administrator dengan menggunakan beberapa key atau kode untuk dapat membuka dan menutup port. Metode yang kedua suatu keamanan jaringan dapat dengan menggunakan honeypot. Dimana honeypot merupakan server tipuan untuk intruder agar dia seolaholah berhasil masuk ke dalam server sungguhan. Dalam pengetesan kedua metode keamanan jaringan tersebut menggunakan putty dan mobaxtrem Mengkombinasikan kedua metode firewall yaitu port knocking dan honeypot.

show abstract

“…However, the virtual honeypot can be perceived by attackers because it cannot provide the completely real environment of system, and the information provided by a single or multiple virtual honeypots is not enough to reflect the whole feature of intrusion. For the former, the highly interactive honeypots are proposed to give attackers the adequate feedbacks of information [29,30]. For the latter, the distributed honey-net system is set up to provide more accurate attacking report under circumstance of highly cooperating between virtual honeypots [31,32].…”

Section: Related Workmentioning

confidence: 99%

A Multi-level Perception Security Model Using Virtualization

Lou¹,

Jiang²,

Chang³

et al. 2018

TIIS

View full text Add to dashboard Cite

Virtualization technology has been widely applied in the area of computer security research that provides a new method for system protection. It has been a hotspot in system security research at present. Virtualization technology brings new risk as well as progress to computer operating system (OS). A multi-level perception security model using virtualization is proposed to deal with the problems of oversimplification of risk models, unreliable assumption of secure virtual machine monitor (VMM) and insufficient integration with virtualization technology in security design. Adopting the enhanced isolation mechanism of address space, the security perception units can be protected from risk environment. Based on parallel perceiving by the secure domain possessing with the same privilege level as VMM, a mechanism is established to ensure the security of VMM. In addition, a special pathway is set up to strengthen the ability of information interaction in the light of making reverse use of the method of covert channel. The evaluation results show that the proposed model is able to obtain the valuable risk information of system while ensuring the integrity of security perception units, and it can effectively identify the abnormal state of target system without significantly increasing the extra overhead.

show abstract

A honeypot system with honeyword-driven fake interactive sessions

Cited by 20 publications

References 28 publications

Achieving Flatness: Honeywords Generation Method for Passwords based on user behaviours

Achieving Flatness: Honeywords Generation Method for Passwords based on user behaviours

Port Knocking Dan Honeypot Sebagai Keamanan Jaringan Pada Server Ubuntu Virtual

A Multi-level Perception Security Model Using Virtualization

Contact Info

Product

Resources

About