![](/images/graphics-bg.png)
Automatic Identification of Honeypot Server Using Machine Learning Techniques
Joint Authors
Huang, Cheng
Han, Jiaxuan
Zhang, Xing
Liu, Jiayong
Source
Security and Communication Networks
Issue
Vol. 2019, Issue 2019 (31 Dec. 2019), pp.1-8, 8 p.
Publisher
Hindawi Publishing Corporation
Publication Date
2019-09-22
Country of Publication
Egypt
No. of Pages
8
Main Subjects
Information Technology and Computer Science
Abstract EN
Traditional security strategies are powerless when facing novel attacks in the complex network environment, such as advanced persistent threat (APT).
Compared with traditional security detection strategies, the honeypot system, especially on the Internet of things research area, is intended to be attacked and automatically monitor potential attacks by analyzing network packages or log files.
The researcher can extract exactly threat actor tactics, techniques, and procedures from these data and then generate more effective defense strategies.
But for normal security researchers, it is an urgent topic how to improve the honeypot mechanism which could not be recognized by attackers, and silently capture their behaviors.
So, they need awesome intelligent techniques to automatically check remotely whether the server runs honeypot service or not.
As the rapid progress in honeypot detection using machine learning technologies, the paper proposed a new automatic identification model based on random forest algorithm with three group features: application-layer feature, network-layer feature, and other system-layer feature.
The experiment datasets are collected from public known platforms and designed to prove the effectiveness of the proposed model.
The experiment results showed that the presented model achieved a high area under curve (AUC) value with 0.93 (area under the receiver operating characteristic curve), which is better than other machine learning algorithms.
American Psychological Association (APA)
Huang, Cheng& Han, Jiaxuan& Zhang, Xing& Liu, Jiayong. 2019. Automatic Identification of Honeypot Server Using Machine Learning Techniques. Security and Communication Networks،Vol. 2019, no. 2019, pp.1-8.
https://search.emarefa.net/detail/BIM-1210330
Modern Language Association (MLA)
Huang, Cheng…[et al.]. Automatic Identification of Honeypot Server Using Machine Learning Techniques. Security and Communication Networks No. 2019 (2019), pp.1-8.
https://search.emarefa.net/detail/BIM-1210330
American Medical Association (AMA)
Huang, Cheng& Han, Jiaxuan& Zhang, Xing& Liu, Jiayong. Automatic Identification of Honeypot Server Using Machine Learning Techniques. Security and Communication Networks. 2019. Vol. 2019, no. 2019, pp.1-8.
https://search.emarefa.net/detail/BIM-1210330
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references
Record ID
BIM-1210330