Improving network security using honeypots
Dissertant
Thesis advisor
Comitee Members
Bin Abbu, Rashid
Husayni, Umar Iraqi
Radwan, Muhammad
University
Al Akhawayn University
Faculty
School of Science and Engineering
Department
Computer Networks
University Country
Morocco
Degree
Master
Degree Date
2011
English Abstract
With the development of Internet use, the number of network attacks is more and more increasing.
To encounter this risk, several security tools such firewalls and Intrusion Detection Systems were developed to fight against those attacks.
However, these tools do not provide enough information about attackers and their attacks; they are only used to detect and react to attacks.
In other words, they are purely defensive; the enemy has the initiative.
Therefore, to effectively fight against attacks by malicious hackers, it is necessary to understand how they work, what are their motives and the tools that they use.
To achieve that, a new security tool called Honeypot was developed.
Indeed, the concept of a Honeypot is to trap attackers by giving them a vulnerable system to attack.
At this moment, the Honeypot shall collect data silently without preventing the attacker or getting his attention.
The data gathered by the Honeypot will then be analyzed to obtain information on the attackers.
This information can be used by security administrators to take actions to decrease or even stop these attacks.
For example, they may send reports to the owners of the infected machines.
So, in this way, people become aware of network attacks.
In this project, we explored honeynets and deployed Honeyd, one of the most powerful Honeypot tools, in a Linux machine for 10 days for collecting information on attackers and their attacks.
In addition, we developed a PHP-based web interface that queries the data from the MySQL database and produces diagrams in order to help security administrators to easily understand what has happened inside the Honeyd tool.
Such queries could be the current attacks and the top detected attacks with their source IP addresses and country of origin.
Besides, this interface sends alerts via email to administrators about critical attacks.
Main Subjects
Engineering & Technology Sciences (Multidisciplinary)
Topics
No. of Pages
74
Table of Contents
Table of contents.
Abstract.
Abstract in Arabic.
Chapter One : Introduction.
Chapter Two : Tools to fight against attacks.
Chapter Three : Honeypots.
Chapter Four : Concept and implementation.
Chapter Five : Data analysis.
Conclusion.
References.
American Psychological Association (APA)
Alami, Muhammad al-Wali. (2011). Improving network security using honeypots. (Master's theses Theses and Dissertations Master). Al Akhawayn University, Morocco
https://search.emarefa.net/detail/BIM-645194
Modern Language Association (MLA)
Alami, Muhammad al-Wali. Improving network security using honeypots. (Master's theses Theses and Dissertations Master). Al Akhawayn University. (2011).
https://search.emarefa.net/detail/BIM-645194
American Medical Association (AMA)
Alami, Muhammad al-Wali. (2011). Improving network security using honeypots. (Master's theses Theses and Dissertations Master). Al Akhawayn University, Morocco
https://search.emarefa.net/detail/BIM-645194
Language
English
Data Type
Arab Theses
Record ID
BIM-645194