Exploring Extensions of Traditional Honeypot Systems and Testing the Impact on Attack Profiling

by McGrew, Robert Wesley

Abstract (Summary)
This thesis explores possibilities for extending the features of honeypot systems to decrease the chance of an attacker discovering that they have compromised a honeypot. It is proposed that by extending the period of time that an attacker spends on a honeypot oblivious to its status, more information relevant to profiling the attacker can be gained. Honeypots are computer systems that are deployed in a way that attackers can easily compromise them. These systems, which contain no production data, are useful both as early warning systems for attacks on production systems, and for studying the tools, techniques, and motives of attackers. Current honeypot systems mitigate the risks of running a honeypot by restricting out-bound traffic in a way that might be obvious to an attacker. The extensions proposed for honeypots will be tested in a controlled laboratory environment.
Bibliographical Information:

Advisor:Rayford B. Vaughn; David A. Dampier; Mahalingam Ramkumar

School:Mississippi State University

School Location:USA - Mississippi

Source Type:Master's Thesis

Keywords:computer science


Date of Publication:11/04/2005

© 2009 All Rights Reserved.