Daniel Fraunholz, Daniel Krohmer, Frederic Pohl, H. Schotten
2018 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS), published 2018-02-01. DOI: 10.1109/NTMS.2018.8328709 (https://doi.org/10.1109/NTMS.2018.8328709)
On the Detection and Handling of Security Incidents and Perimeter Breaches - A Modular and Flexible Honeytoken based Framework
Information security is a fast-changing domain. Traditional security mechanisms such as firewalls and access control are circumvented regularly. The number of significant security incidents grows each year. Deception systems are a perfect match to support perimeter-based technologies in intrusion detection, data breach identification and data leakage prevention. In this work, a framework is proposed for generating, deploying, monitoring and maintaining honeytokens on a host system. The framework is easily extendable and flexible in its use. The authors also describe a prototype implementation for four different types of tokens and thereby address typical issues when operating honeytokens.