Jackson, Peter (2005) Detection of network threats using honeypots. Other thesis, Edinburgh Napier University.
Available under License Creative Commons Attribution Non-commercial.
Download (518kB) | Preview
The increasing use of computer communication for many day to day tasks has resulted in a greater reliance on communication networks such as the Internet. The impact of a serious interruption to the operation of the Internet may have far reaching and costly consequences. The Internet has experienced several incidents caused by network worms, including an almost total shutdown by network as the result of the Morris worm in 1988. This project covers the design, implementation and evaluation of a distributed honeypot system that provides the facilities to centrally log threat information. A system of this nature may collect information regarding a threat at the early stages of infection, allowing the possibility of an effective response to be deployed. A number of software components have been developed in several programming languages including C, Perl and PHP. The prototype system run on a Linux based operating system. Experiments were performed that demonstrated the systems ability to detect new threats within a short period of their first sighting.
|Item Type:||Thesis (Other)|
|Uncontrolled Keywords:||data security; malware; network worms; distributed honeypot;|
|University Divisions/Research Centres:||Faculty of Engineering, Computing and Creative Industries > School of Computing|
|Dewey Decimal Subjects:||000 Computer science, information & general works >|
000 Computer science, information & general works > 000 Computer science, knowledge & systems > 005 Computer programming, programs & data > 005.8 Data security
|Library of Congress Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|Depositing User:||Professor Bill Buchanan|
|Date Deposited:||10 Jan 2011 11:43|
|Last Modified:||12 Jan 2011 04:57|
Actions (login required)