Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WWW
2011
ACM
2011
ACM
Heat-seeking honeypots: design and experience
Many malicious activities on the Web today make use of compromised Web servers, because these servers often have high pageranks and provide free resources. Attackers are therefore constantly searching for vulnerable servers. In this work, we aim to understand how attackers find, compromise, and misuse vulnerable servers. Specifically, we present heatseeking honeypots that actively attract attackers, dynamically generate and deploy honeypot pages, then analyze logs to identify attack patterns. Over a period of three months, our deployed honeypots, despite their obscure location on a university network, attracted more than 44,000 attacker visits from close to 6,000 distinct IP addresses. By analyzing these visits, we characterize attacker behavior and develop simple techniques to identify attack traffic. Applying these techniques to more than 100 regular Web servers as an example, we identified malicious queries in almost all of their logs. Categories and Subject Descriptors H.4 [Inf...
Real-time TrafficRelated Content
| Added | 15 May 2011 |
| Updated | 15 May 2011 |
| Type | Journal |
| Year | 2011 |
| Where | WWW |
| Authors | John P. John, Fang Yu, Yinglian Xie, Arvind Krishnamurthy, Martín Abadi |
Comments (0)
Researcher Info
|
