On the Detection and Handling of Security Incidents and Perimeter Breaches - A Modular and Flexible Honeytoken based Framework

2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS) Pub Date : 2018-02-01 DOI:10.1109/NTMS.2018.8328709

Daniel Fraunholz, Daniel Krohmer, Frederic Pohl, H. Schotten

引用次数: 10

Abstract

Information security is a fast-changing domain. Traditional security mechanisms such as firewalls and access control are circumvented regularly. The amount of significant security incidents grows each year. Deception systems are a perfect match to support perimeter-based technologies in intrusion detection, data breach identification and data leakage prevention. In this work, a framework is proposed generating, deploying, monitoring and maintaining honeytokens on a host system. The framework is easily extendable and flexible in its use. The authors also describe a prototype implementation for four different types of tokens and thereby address typical issues when operating honeytokens.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

关于安全事件和外围漏洞的检测和处理——一个模块化和灵活的基于蜂蜜令牌的框架

信息安全是一个快速变化的领域。防火墙和访问控制等传统安全机制经常被绕过。重大安全事件的数量每年都在增长。在入侵检测、数据泄露识别和数据泄漏预防方面，欺骗系统是支持基于周界的技术的完美匹配。在这项工作中，提出了一个在主机系统上生成、部署、监控和维护蜂蜜令牌的框架。该框架易于扩展，使用灵活。作者还描述了四种不同类型令牌的原型实现，从而解决了操作蜂蜜令牌时的典型问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS)

自引率

0.00%

发文量

期刊最新文献

A New Dynamic Trust Model for "On Cloud" Federated Identity Management Privacy Preserving Queries on Directed Graph "Speak, Friend, and Enter" - Secure, Spoken One-Time Password Authentication Workplace Capacity Design Using the Minimum Dominating Set in Server Migration Services Using Dynamic Occupancy Patterns for Improved Presence Detection in Intelligent Buildings