Cowrie Honeypot Data Analysis and Predicting the Directory Traverser Pattern during the Attack

Sajeel Mehta, D. Pawade, Yash Nayyar, Irfan A. Siddavatam, Anoop Tiwart, A. Dalvi
Published in: 2021 International Conference on Innovative Computing, Intelligent Communication and Smart Electrical Systems (ICSES), pp. 1-4
Publication date: 2021-09-24
DOI: 10.1109/ICSES52305.2021.9633881 (https://doi.org/10.1109/ICSES52305.2021.9633881)
Citations: 3

Abstract

Honeypots are a recent innovation in intrusion detection technology. They are traps designed to entrap potential intruders and log their activities. The main objectives of such systems are to collect information about the intruders, divert them from accessing critical systems, and keep them on the system for some time so that their behavior can be observed. We have used the Cowrie honeypot to achieve these objectives. A log of intruder activities is maintained, which is processed and graphically visualized using ELK. This intruder activity data is useful for understanding intruder behavior, so that safety measures can be employed accordingly. As an extension to data visualization, we have also implemented a probabilistic approach to predict the directory traverser pattern of the intruder. This helps us to understand the next traverser step in advance so that we can take precautionary measures to avoid it.