Paper Title :Pythonhoneymonkey: Detecting Malicious Internet Websites On Client Side Honeypots
Author :Rohit Shukla, M. Singh
Article Citation :Rohit Shukla ,M. Singh ,
(2014 ) " Pythonhoneymonkey: Detecting Malicious Internet Websites On Client Side Honeypots " ,
International Journal of Advance Computational Engineering and Networking (IJACEN) ,
pp. 50-54,
Volume-2,Issue-10
Abstract : With increasing awareness of security programming, the number of software vulnerabilities deployed on a machine
have subsequently decreased. These exploitation activity also required efforts of attackers in deploying, exploiting the service.
Firewalls, access control lists (ACL’s), intrusion detection/prevention systems deployed block inbound connections most of
the times. Whereas outbound connections are allowed since they have the permission of user accessing the traffic. A
vulnerable application requesting traffic from an externally hoisted server is exploited and user accessing the application
transfers shell to the server listening remotely. To eradicate this kind of attack technique, this paper focuses on creating a high
interaction honeypot system controlled by a python script. The client honeypot is governed by master running python script
using SSH traffic. Clients collect the urls by specifically crafted web-links crawler. These web links are visited by the
application specified. Then clients report all the suspicious activities performed in the form of logs and alerts created by snort
IDS while running the web pages on client side browsers. This url is further then stored into a blacklist which can restrict
browser from visiting this link in future. We introduce the design and implementation of this system in this paper.
Type : Research paper
Published : Volume-2,Issue-10
DOIONLINE NO - IJACEN-IRAJ-DOIONLINE-1324
View Here
Copyright: © Institute of Research and Journals
|
|
| |
|
PDF |
| |
Viewed - 60 |
| |
Published on 2014-10-01 |
|