A Fuzzy Approach for Detecting and Defending Against Spoofing Attacks on Low Interaction Honeypots

Nitin Naik, Paul Jenkins

Allbwn ymchwil: Pennod mewn Llyfr/Adroddiad/Trafodion CynhadleddCyfraniad mewn cynhadleddadolygiad gan gymheiriaid

20 Dyfyniadau (Scopus)

Crynodeb

Honeypots are a well-recognised entrapment mechanism for baiting attackers in the field of network security. They gather real-time and valuable information from the attacker regarding their attack processes, which is not possible by other security means. Despite this invaluable contribution of the honeypot in moulding a cohesive security policy, the honeypot is normally designed with fewer resources, as security personnel do not consider it as part of the operational network. Consequently, such limited capability or low-interaction honeypots are vulnerable to common security attacks. A spoofing attack is one such attack that can be carried out on these low-interaction honeypots making them ineffectual. Unfortunately, these low-interaction honeypots have very limited or no capability to detect and defend against this type of attack due their inadequate ability to respond, versus a more complex honeypot with greater deceptive capabilities. Therefore, this paper proposes a resource-optimised fuzzy approach for detecting and defending against a spoofing attack on a low-interaction honeypot. Primarily, it proposes a detection mechanism for the spoofing attack based on the analysis of experimental data gathered from the honeypot and its internal network. Subsequently, the paper proposes a fuzzy approach for predicting and alerting, in a timely manner, the spoofing attack on low-interaction honeypots to prevent the attack. Finally, experimental simulation is utilised to demonstrate that any low-interaction honeypot can be made a spoofing attack-aware honeypot by employing the proposed fuzzy approach.

Iaith wreiddiolSaesneg
Teitl2018 21st International Conference on Information Fusion, FUSION 2018
CyhoeddwrInstitute of Electrical and Electronics Engineers Inc.
Tudalennau904-910
Nifer y tudalennau7
ISBN (Argraffiad)9780996452762
Dynodwyr Gwrthrych Digidol (DOIs)
StatwsCyhoeddwyd - 6 Medi 2018
Cyhoeddwyd yn allanolIe
Digwyddiad21st International Conference on Information Fusion, FUSION 2018 - Cambridge, Y Deyrnas Unedig
Hyd: 10 Gorff 201813 Gorff 2018

Cyfres gyhoeddiadau

Enw2018 21st International Conference on Information Fusion, FUSION 2018

Cynhadledd

Cynhadledd21st International Conference on Information Fusion, FUSION 2018
Gwlad/TiriogaethY Deyrnas Unedig
DinasCambridge
Cyfnod10/07/1813/07/18

Dyfynnu hyn