Seifert, Christian, Welch, Ian and Komisarczuk, Peter (2006) HoneyC - The low-interaction client honeypot. Technical Report. University of Wellington.

Full text not available from this repository.

Abstract

Client honeypots crawl the Internet to find and identify servers that exploit client-side vulnerabilities. Traditionally, these servers are identified by the client honeypot monitoring state changes that result
from a server interaction. These, so called high-interaction, client honeypots are slow and expensive to operate because they require an entire operating system to be hosted. We have developed a componentbased low-interaction client honeypot that emulates only the essential features of our target clients and that applies signature matching to allow fast static analysis of server responses. Performance measurements of a prototype implementation targeting clients using the HTTP 1.1 protocol indicate that low-interaction client honeypots are faster and cheaper than high-interaction client honeypots. The difference in false negatives
suggests that these technologies may be complementary rather than competitive in nature.

Item Type:	Report (Technical Report)
Keywords:	Security, Client Honeypots, Intrusion Detection
Subjects:	Computing
Depositing User:	Vani Aul
Date Deposited:	21 Mar 2014 16:18
Last Modified:	28 Aug 2021 07:05
URI:	https://repository.uwl.ac.uk/id/eprint/843

Actions (login required)

View Item