Using suffix trees for efficient presentation of session similarities from a honeypot system
NASK Polska
Publication date: 2023-02-20
Cybersecurity and Law 2023;9(1):298-315
The article presents a prototype of a system for analyzing data from a honeypot network. Special attention is paid to finding similarities among the collected SSH sessions. The proposed algorithm looks for generalized patterns in the sessions using suffix trees. The patterns can be used for convenient presentation of the displayed sessions and for searching. Examples of analyses carried out with the help of the algorithm are presented.