The HoneyTank: A scalable approach to collect malicious internet traffic

Cited by: 4
Authors
Vanderavero, Nicolas [1]
Brouckaert, Xavier [1]
Bonaventure, Olivier [1]
Le Charlier, Baudouin [1, 2]
Affiliations
[1] Department of Computing Science and Engineering, Université Catholique de Louvain (UCL), Belgium
[2] Computing Science Department, Catholic University of Louvain-la-Neuve
Keywords
Computational methods - Computer worms - Internet protocols - Intrusion detection
DOI
10.1504/IJCIS.2008.016100
Abstract
In this paper, we propose an efficient method for collecting large amounts of malicious internet traffic. The key advantage of our method is that it does not need to maintain any state to emulate TCP services running on a large number of emulated end-systems. We implemented a prototype on the ASAX intrusion detection system and we provide several examples of the malicious activities that were collected on a campus network attached to the internet. We explain how we implemented various protocols in a stateless way. We also discuss how our method can be improved to make an accurate but still stateless emulation of stateful protocols. Copyright © 2008 Inderscience Enterprises Ltd.
Pages: 185-205