Browse > Article
http://dx.doi.org/10.13089/JKIISC.2007.17.5.117

Design and Implementation of an Agent-Based System for Luring Hackers  

Kim, Ik-Su (Soongsil University)
Kim, Myung-Ho (Soongsil University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.17, no.5, 2007 , pp. 117-130 More about this Journal
Abstract
A honeypot is a security resource whose value lies in being attack. It collects data regarding the attack strategies and tools of hackers. However, the honeypot is normally located at a single point, and the possibility is small that a hacker will attack it. Unused ports-based decoy systems which gather data about hackers activities have been developed to complement honeypots. However, the systems have some problems to be deployed in actual environment. In this paper, we propose an agent-based system which enhances shortcomings of the unused ports-based decoy systems. It makes honeypot gather more information regarding hacker activities and protects clients from attacks. Moreover, the proposed system can increase the chance of tracking hackers activities without wasting additional IP addresses and computer hardwares.
Keywords
Computer security; Agent; Signature; Honeypot; Intrusion;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Martin Roesch, 'Snort-Lightweight Intrusion Detection for Networks,' Proceedings of the LISA, 1999
2 Brian Laing, Jimmy Alderson, How to Guide: Implementing a Network Based Inrusion Detection System, Internet Security System, 2000
3 이현우, 이상엽, 정현철, 정윤종, 임채호, 'Analysis of Large Scale Network Vulnerability Scan Attacks and Implementation of The Scan-Detection Tool,' 1999
4 브라질 사이버테러 정보보호 현황 및 대응기구, 국가사이버안전센터, Monthly 사이버 시큐리티 1월호
5 Cristine Hoepers, Klaus Steding-Jessen, Luiz E. R. Cordeiro and Marcelo H. P. C. Chaves, 'A National Early Warning Capability Based on a Network of Distributed Honeypots,' 17th Annual FIRST Conference on Computer Security Incident Handling, 2005
6 Tillmann Werner, Honeytrap: Trap Attacks against TCP Services, http://honeytrap.sourceforge.net
7 Know Your Enemy: Honeynets, http://www.honeynet.org, 2005
8 김익수, 김명호, '사용되지 않는 포트를 이용하여 해커를 허니팟으로 리다이렉트하는 시스템 설계 및 구현,' 한국정보보호학회논문지, 16(5), pp. 15-24, October 2006   과학기술학회마을
9 John G. Levine, Julian B. Grizzard, Henry L. Owen, 'Using Honeynets to Protect Large Enterprise Networks,' IEEE Security and Privacy, 2, pp. 74-75, 2004
10 Miyoung Kim, Misun Kim, Youngsong Mun, 'Design and Implementation of the HoneyPot System with Focusing on the Session Redirection,' Proceedings of the ICCSA, 3043, pp. 262-269, May 2004
11 L. Spitzner, Know Your Enemy: Sebek2 A Kernel Based Data Capture Tool, http://www.honeynet.org, 2003
12 L. Spitzer, Honeypots: Tracking Hackers, Addison-Wesley, 2002
13 Xing-Yun He, Knok-Yan, Siu-Leung Chung, Chi-Hung Chi, Jia-Guang Sun, 'Real-Time Emulation of Intrusion Victim in HoneyFarm,' Proceedings of the AWCC, 3309, pp. 143-154, Nov 2004
14 Know Your Enemy: Honeywall CDROM, http://www.honeynet.org, 2004