Effective Proactive and Reactive Defense Strategies against Malicious Attacks in a Virtualized Honeynet

Lin, Frank Yeong-Sung; Wang, Yushun; Huang, Ming-Yang

doi:10.1155/2013/518213

Cited by 12 publications

(8 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As is evident in Table 8, the value of contest intensity determines the nature of a battle. However, there should be no obvious trend for network compromise probability based on the different values of contest intensity [14][15][16][17]. In other words, the value of contest intensity prefers neither the defender nor the commanders.…”

Section: The Relationship Between Synergy Effectiveness and Contest Imentioning

confidence: 99%

“…This function has been widely used in the literature addressing various economicsrelated activities, as well as international and civil wars [12,13]. In recent years, this theory has also been applied to the determination of the success probability for the attacker to compromise a system [14][15][16][17]. The form of contest success function is as follows:…”

Section: Scenariomentioning

confidence: 99%

See 1 more Smart Citation

A Cyber-Attack Synergy Model Considering Both Positive and Negative Impacts from Each Attacker

Wang

Hung

Rau

et al. 2015

International Journal of Distributed Sensor Networks

Self Cite

View full text Add to dashboard Cite

An emerging attack strategy, collaborative attack, is considered the next generation type of attack. There are only a few models quantifying the synergy of a collaborating attack. Further, previous models consider only positive effects regardless of potential disharmonious factors which are common in the real world. Contributions of this work are summarized as follows: first, this paper introduces a mathematical formulation measuring synergy which takes both positive and negative effects into consideration. This model can not only be applied in measuring collaborative attack effectiveness, but also be used to describe the synergy in other teamwork scenarios. The scenario of an applicable cyber-warfare can take place in a wired network, wireless network, or sensor network. Secondly, a meaningful connection between contest success function and Cobb-Douglas function is proposed and integrated in a cyber-attack scenario. Both the contest intensity of the contest success function and the sum of exponents of CobbDouglas function reflect an environmental factor regarding whether it encourages investing or not. Lastly, comparisons between the proposed model and the Cobb-Douglas function are also presented with a subsequent discussion of implications. The behavior of the proposed model is closer to reality and less coupled to another exogenous variable, contest intensity.

show abstract

Section: The Relationship Between Synergy Effectiveness and Contest Imentioning

confidence: 99%

Section: Scenariomentioning

confidence: 99%

A Cyber-Attack Synergy Model Considering Both Positive and Negative Impacts from Each Attacker

Wang

Hung

Rau

et al. 2015

International Journal of Distributed Sensor Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…For instance, availability objectives could be decomposed into timeliness, recoverability, redundancy, etc. Integrity objective could be decomposed into accountability, authentication, non-repudiation [53], dependability, veracity, etc., while confidentiality objective could be decomposed to authorisation, access control, etc. [6], [10], [15], [33].…”

Section: A) Primary and Secondary Objectivesmentioning

confidence: 99%

“…Existing security control efforts and implementations basically take on one of two broad control capabilities: proactivity and reactivity [53], [54]. Security metrics should thus mirror the same dimensions.…”

Section: A) Control Capabilitiesmentioning

confidence: 99%

A framework for Operational Security Metrics Development for industrial control environment

Ani

Tiwari

2018

Journal of Cyber Security Technology

View full text Add to dashboard Cite

Security metrics are very crucial towards providing insights when measuring security states and susceptibilities in industrial operational environments. Obtaining practical security metrics depend on effective security metrics development approaches. To be effective, a security metrics development framework should be scopedefinitive, objective-oriented, reliable, simple, adaptable, and repeatable (SORSAR). A framework for Operational Security Metrics Development (OSMD) for industry control environments is presented, which combines concepts and characteristics from existing approaches. It also adds the new characteristic of adaptability. The OSMD framework is broken down into three phases of: target definition, objective definition, and metrics synthesis. A case study scenario is used to demonstrate an instance of how to implement and apply the proposed framework to demonstrate its usability and workability. Expert elicitation has also be used to consolidate the validity of the proposed framework. Both validation approaches have helped to show that the proposed framework can help create effective and efficient ICScentric security metrics taxonomy that can be used to evaluate capabilities or vulnerabilities. The understanding from this can help enhance security assurance within industrial operational environments.

show abstract

“…A virtual Honeypot Framework [3] describes the design and implementation of Honeyd, a framework for virtual honeypots that simulates computer systems at the network level. Literature [4] propose that a honeynet can be used to assist the system administrator in identifying malicious traffic on the enterprise network. Literature [5] applies the honeypot concept to the email system in order to proactively detect bad providers where the honey consists of unique email address.…”

Section: Introductionmentioning

confidence: 99%

Research and Implementation of a Network Secure System Based on Honeypots

Luo¹,

Sun²

2015

Proceedings of the 2nd International Conference on Civil, Materials and Environmental Sciences

View full text Add to dashboard Cite

Abstract-Aiming at the shortcomings of the traditional honeypot on massive global scanning attact, this paper constructs a novel network secure system based on honeypots (NSSH). Afterwards, this paper discusses the classic architecture of NSSH, which consists of four parts, firewall/router, analysis network, honeypot and monitor network. The paper also gives out analysis and implementation in detail of the key techniques of NSSH, including the honeypot model and audit analysis based on statistics. Our simulation experiments indicate that comparing to the traditional secure system based on honeypot, NSSH can make network's security performance to a high level and NSSH has important impact on forecast and monitor attack activities.

show abstract

Effective Proactive and Reactive Defense Strategies against Malicious Attacks in a Virtualized Honeynet

Cited by 12 publications

References 19 publications

A Cyber-Attack Synergy Model Considering Both Positive and Negative Impacts from Each Attacker

A Cyber-Attack Synergy Model Considering Both Positive and Negative Impacts from Each Attacker

A framework for Operational Security Metrics Development for industrial control environment

Research and Implementation of a Network Secure System Based on Honeypots

Contact Info

Product

Resources

About