AN ELASTIC-HYBRID HONEYNET FOR CLOUD ENVIRONMENT

Computer science & information technology Pub Date : 2018-12-22 DOI:10.5121/CSIT.2018.81809

Nguyen Khac Bao, S. Ahn, Minho Park

{"title":"AN ELASTIC-HYBRID HONEYNET FOR CLOUD ENVIRONMENT","authors":"Nguyen Khac Bao, S. Ahn, Minho Park","doi":"10.5121/CSIT.2018.81809","DOIUrl":null,"url":null,"abstract":"When low-interaction honey net systems are not powerful enough and high-interaction honey net systems require a lot of resources, hybrid solutions offer the benefit’s of both worlds. Affected by this trend, more and more hybrid honey net systems have been proposed to obtain wide coverage of attack traffic and high behavioral ideality in recent years. However, these system themselves contain some limitations such as the high latency, the lack of prevention method for compromised honey pots, the waste of resources and the finger printing problem of honey pot that hinder them to achieve their goals. To address these limitations, we propose a new honey net architecture called Efficient Elastic Hybrid Honey net. Utilizing the advantages of combining SDN and NFV technologies, this system can reduce the response time for attack traffic, isolate compromised honey pots effectively, defeat the finger printing problem of honey pots, and optimize the resources for maintenance and deployment. Testing our system with real attack traffic, the results have showed that Efficient Elastic-Hybrid Honey net system is not only practical, but also very efficient.","PeriodicalId":72673,"journal":{"name":"Computer science & information technology","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2018-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer science & information technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/CSIT.2018.81809","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

When low-interaction honey net systems are not powerful enough and high-interaction honey net systems require a lot of resources, hybrid solutions offer the benefit’s of both worlds. Affected by this trend, more and more hybrid honey net systems have been proposed to obtain wide coverage of attack traffic and high behavioral ideality in recent years. However, these system themselves contain some limitations such as the high latency, the lack of prevention method for compromised honey pots, the waste of resources and the finger printing problem of honey pot that hinder them to achieve their goals. To address these limitations, we propose a new honey net architecture called Efficient Elastic Hybrid Honey net. Utilizing the advantages of combining SDN and NFV technologies, this system can reduce the response time for attack traffic, isolate compromised honey pots effectively, defeat the finger printing problem of honey pots, and optimize the resources for maintenance and deployment. Testing our system with real attack traffic, the results have showed that Efficient Elastic-Hybrid Honey net system is not only practical, but also very efficient.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

云环境下的弹性混合蜜网

当低交互作用的蜜网系统不够强大，而高交互作用的蜂蜜网系统需要大量资源时，混合解决方案可以两全其美。受这一趋势的影响，近年来，越来越多的混合蜜网系统被提出，以获得广泛的攻击流量覆盖和较高的行为理想。然而，这些系统本身也存在一些局限性，如延迟高、缺乏对受损蜜罐的预防方法、资源浪费以及蜜罐的指纹问题，这些都阻碍了它们实现目标。为了解决这些限制，我们提出了一种新的蜜网架构，称为高效弹性混合蜜网。该系统利用SDN和NFV技术相结合的优势，可以减少攻击流量的响应时间，有效隔离受损的蜜罐，解决蜜罐指纹问题，优化维护和部署资源。通过对实际攻击流量的测试，结果表明高效弹性混合Honey网络系统不仅实用，而且效率很高。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computer science & information technology

自引率

0.00%

发文量