Honeypots: A Force Multiplier in Educational Domain
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits
Student thesis
Since the beginning of enterprise IT infrastructures, security has remained a major concern for both hardware vendors and software developers. Over time, a number of security solutions have been proposed to address the known security issues. However, past experience shows that black hats (hackers/intruders) are always ahead of the security implementers. They have been successful in devising techniques to breach security parameters and steal information and/or gain access to resources. There are many commercially available tools for securing information assets, such as firewalls, IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems), anti-virus, anti-spyware, anti-malware, etc. But they are mostly used to protect computers and networks against known/identified/reported vulnerabilities. In the case of zero-day attacks, things may go unidentified for quite a long time. Hence there is a need for a tool and/or solution which can be used to spy on attackers, slowing them down and possibly deceiving them. Honeypots and related technologies promise to do exactly that.

To gain insight into the concepts of information security and the tools used for securing information assets against different attacks, students of this field must have some hands-on experience with these tools as part of their curriculum. By doing so, we will enable students to work with available defense methodologies for potential exploits and threats. In this thesis we have implemented honeypot technology in an online Information Security Laboratory. Honeypots are generally decoys created to lure hackers and are closely monitored within a network to keep a trail of attacks and to provide necessary alerts. The lab design adopted in our work provides a controlled environment, while keeping it accessible for both on-campus and distance students. Students can use our prototype to understand honeypot technology and test it by launching different probes and attacks.
We have further derived a mechanism to present the logs generated by the honeypot in a user-friendly and meaningful way. The adopted approach makes the process of log analysis, which could otherwise be a nightmare for analysts, more efficient and effective.
Place, publisher, year, edition, pages
2012. 80 p.
Identifiers
URN: urn:nbn:se:ltu:diva-59007
Local ID: f8d3fca7-7dc2-43e7-be3f-e6f726abe671
OAI: oai:DiVA.org:ltu-59007
DiVA: diva2:1032395
Subject / course
Student thesis, at least 30 credits
Information Security, master's level
Validated; 20121018 (anonymous)
2016-10-04 2016-10-04 Bibliographically approved