HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON

A. Boulaiche; K. Adi

doi:10.5220/0001927200650071

HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON

A. Boulaiche, K. Adi

2008

Abstract

In this paper we describe some serious flaws in the software Honeyd that is one of the most popular software of honeypots, these flaws allow an attacker to easily identify the presence and the scope of a deployed honeypot. Hence, we describe in details both the flaws and how they can be used to attack the honeypot. Furthermore, we elaborate a set of possible solutions to fix each of these flaws. Our technique is mainly based on the detection of abnormal behaviors of the honeypot.

Download

Paper Citation

in Harvard Style

Boulaiche A. and Adi K. (2008). HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008) ISBN 978-989-8111-59-3, pages 65-71. DOI: 10.5220/0001927200650071

in Bibtex Style

@conference{secrypt08,
author={A. Boulaiche and K. Adi},
title={HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)},
year={2008},
pages={65-71},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001927200650071},
isbn={978-989-8111-59-3},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)
TI - HONEYD DETECTION VIA ABNORMAL BEHAVIORS GENERATED BY THE ARPD DAEMON
SN - 978-989-8111-59-3
AU - Boulaiche A.
AU - Adi K.
PY - 2008
SP - 65
EP - 71
DO - 10.5220/0001927200650071