TY - GEN
T1 - Intelligent Dynamic Honeypot Enabled by Dynamic Fuzzy Rule Interpolation
AU - Naik, Nitin
AU - Shang, Changjing
AU - Shen, Qiang
AU - Jenkins, Paul
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2019/1/24
Y1 - 2019/1/24
N2 - Dynamic fuzzy rule interpolation (D-FRI) utilises a transformation-based knowledge interpolation mechanism to maintain a concurrent rule base according to the requirements of a given application problem. This feature makes it well-suited for network security applications where the perpetual change in the network conditions and traffic is unavoidable. Honeypots have become an important part of the security work of any organisation, gathering detailed information about an attack and attackers, in an effort to design the most robust protection policy. A honeypot deceives attackers to believe that they are interacting with a real system, thereby hiding its identity. Fingerprinting is one of the biggest threats to any honeypot allowing an attacker to discover the identity of the honeypot since once identified, its usefulness is limited. A number of methods have been proposed to fingerprint a honeypot preventing it from functioning; yet, it is a very challenging task to detect fingerprinting in real-time. This paper presents an intelligent and dynamic honeypot based on the D-FRI approach. The resulting system is capable of detecting certain types of fingerprinting threat in the absence of matching rules, while being able to learn and maintain a dynamic rule base for more accurate identification of possible fingerprinting threats based on the current network traffic conditions.
AB - Dynamic fuzzy rule interpolation (D-FRI) utilises a transformation-based knowledge interpolation mechanism to maintain a concurrent rule base according to the requirements of a given application problem. This feature makes it well-suited for network security applications where the perpetual change in the network conditions and traffic is unavoidable. Honeypots have become an important part of the security work of any organisation, gathering detailed information about an attack and attackers, in an effort to design the most robust protection policy. A honeypot deceives attackers to believe that they are interacting with a real system, thereby hiding its identity. Fingerprinting is one of the biggest threats to any honeypot allowing an attacker to discover the identity of the honeypot since once identified, its usefulness is limited. A number of methods have been proposed to fingerprint a honeypot preventing it from functioning; yet, it is a very challenging task to detect fingerprinting in real-time. This paper presents an intelligent and dynamic honeypot based on the D-FRI approach. The resulting system is capable of detecting certain types of fingerprinting threat in the absence of matching rules, while being able to learn and maintain a dynamic rule base for more accurate identification of possible fingerprinting threats based on the current network traffic conditions.
KW - D-FRI
KW - Dynamic fuzzy rule interpolation
KW - Dynamic honeypot
KW - Fingerprinting
KW - Intelligent honeypot
KW - Network security
UR - http://www.scopus.com/inward/record.url?scp=85062534013&partnerID=8YFLogxK
U2 - 10.1109/HPCC/SmartCity/DSS.2018.00250
DO - 10.1109/HPCC/SmartCity/DSS.2018.00250
M3 - Conference contribution
AN - SCOPUS:85062534013
T3 - Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018
SP - 1520
EP - 1527
BT - Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 20th International Conference on High Performance Computing and Communications, 16th IEEE International Conference on Smart City and 4th IEEE International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018
Y2 - 28 June 2018 through 30 June 2018
ER -