Octavian Grigorescu, Cristian Sandescu, Alexandru Caba
{"title":"Web应用程序蜜罐在野外发布","authors":"Octavian Grigorescu, Cristian Sandescu, Alexandru Caba","doi":"10.1109/RoEduNet51892.2020.9324870","DOIUrl":null,"url":null,"abstract":"The goal of this project is to create an intelligent system that will be installed under a cybernetic infrastructure, with the purpose of detecting cyber-attacks and learning about their methods of scanning and penetrating. For this project, we aim to examine data generated by the attacker's actions and highlight the value of information provided by them. Thus, we create honeypots that hold “Capture the Flag” type of games in the area of web applications. These games have multiple challenges of varying difficulties aiming to keep the attacker busy in order to learn his behavior. We created a web application with multiple vulnerabilities and published the honeypot in the exposed internet for about 2 months. During this period, we discovered a lot of noise produced by the bots and scrappers that tried to find out relevant information from the machine. Besides this, we found 2 attempts of human interaction that succeeded to solve a couple of vulnerabilities and gave up at one point leaving the challenges unfinished.","PeriodicalId":140521,"journal":{"name":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","volume":"96 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Web Application Honeypot Published in the Wild\",\"authors\":\"Octavian Grigorescu, Cristian Sandescu, Alexandru Caba\",\"doi\":\"10.1109/RoEduNet51892.2020.9324870\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The goal of this project is to create an intelligent system that will be installed under a cybernetic infrastructure, with the purpose of detecting cyber-attacks and learning about their methods of scanning and penetrating. For this project, we aim to examine data generated by the attacker's actions and highlight the value of information provided by them. Thus, we create honeypots that hold “Capture the Flag” type of games in the area of web applications. These games have multiple challenges of varying difficulties aiming to keep the attacker busy in order to learn his behavior. We created a web application with multiple vulnerabilities and published the honeypot in the exposed internet for about 2 months. During this period, we discovered a lot of noise produced by the bots and scrappers that tried to find out relevant information from the machine. Besides this, we found 2 attempts of human interaction that succeeded to solve a couple of vulnerabilities and gave up at one point leaving the challenges unfinished.\",\"PeriodicalId\":140521,\"journal\":{\"name\":\"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)\",\"volume\":\"96 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RoEduNet51892.2020.9324870\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 19th RoEduNet Conference: Networking in Education and Research (RoEduNet)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RoEduNet51892.2020.9324870","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The goal of this project is to create an intelligent system that will be installed under a cybernetic infrastructure, with the purpose of detecting cyber-attacks and learning about their methods of scanning and penetrating. For this project, we aim to examine data generated by the attacker's actions and highlight the value of information provided by them. Thus, we create honeypots that hold “Capture the Flag” type of games in the area of web applications. These games have multiple challenges of varying difficulties aiming to keep the attacker busy in order to learn his behavior. We created a web application with multiple vulnerabilities and published the honeypot in the exposed internet for about 2 months. During this period, we discovered a lot of noise produced by the bots and scrappers that tried to find out relevant information from the machine. Besides this, we found 2 attempts of human interaction that succeeded to solve a couple of vulnerabilities and gave up at one point leaving the challenges unfinished.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
