Honeynets: foundations for the development of early warning information systems

Pouget, Fabien; Dacier, Marc; Debar, Hervé; Pham, Van Hau
The Cyberspace Security and Defense: Research Issues - NATO Advanced Research Workshop, September 6-9, 2004, Gdansk, Poland - Also published as a chapter of Cyberspace Security And Defense: Research Issues, Janusz S. Kowalik (Ed), ISBN: 1402033796

This paper aims at presenting in some depth the "Leurré.com" project and its first results. The project aims at deploying so-called low level interaction honeypot platforms all over the world to collect in a centralized database a set of information amenable to the analysis of today's Internet threats. At the time of this writing, around two dozens platforms have been deployed in the five continents. The paper offers some insight into the findings that can be derived from such data set. More importantly, the design and the structure of the repository are presented and justified by means of several examples that highlight the simplicity and efficiency of extracting useful information out of it. We explain why such low cost, largely distributed system represents an important, foundational element, towards the building of early warning information systems.


DOI
Type:
Conférence
City:
Gdansk
Date:
2004-09-06
Department:
Sécurité numérique
Eurecom Ref:
1557
Copyright:
© Springer. Personal use of this material is permitted. The definitive version of this paper was published in The Cyberspace Security and Defense: Research Issues - NATO Advanced Research Workshop, September 6-9, 2004, Gdansk, Poland - Also published as a chapter of Cyberspace Security And Defense: Research Issues, Janusz S. Kowalik (Ed), ISBN: 1402033796 and is available at : http://www.springer.com/east/home?SGWID=5-102-22-40805324-0&changeHeader=true

PERMALINK : https://www.eurecom.fr/publication/1557