Wykorzystanie drzew sufiksowych
do efektywnej prezentacji podobieństw
sesji z systemu pułapek honeypot
1
NASK Polska
Publication date: 2023-02-20
Cybersecurity and Law 2023;9(1):298-315
KEYWORDS
ABSTRACT
The article presents a prototype of a system for analyzing data from a honeypot network.
A special attention is paid to finding similarities in the collected ssh sessions. The algorithm
proposed looks for generalized patterns in the session using suffix trees. The patterns can
be used for a convenient presentation of the displayed sessions and for searching. The
examples of analysis carried out with the help of the algorithm are presented.
REFERENCES (15)
1.
Boddy M., Exposed: Cyberattacks on cloud honeypots, 2019, https://assets.sophos.com /X24WTUEQ/at/rgbjvgnx6qwwj7wvx764rmbn/sophos-exposed-cyberattacks-on-cloud-honeypotswp.pdf [dostęp: 7.01.2023].
2.
Dubuisson Duplessis G. i in., Utterance retrieval based on recurrent surface text patterns [w:] European Conference on Information Retrieval, Aberdeen 2017.
3.
Dumont P., Meier R., Gugelmann D., Lenders V., Detection of malicious remote shell sessions [w:] 2019 11th International Conference on Cyber Conflict, t. 900, Tallinn 2019.
4.
Jorquera Valero J.M., Pérez M., Huertas A., Martinez Perez G., Identification and classification of cyber threats through SSH honeypot systems [w:] Gupta B.B., Srinivasagopalan S., Handbook of Research on Intrusion Detection Systems, Hershey, PA 2020.
5.
Kelly C., Pitropakis N., Mylonas A., McKeown S., Buchanan W.J., A comparative analysis of honeypots on different cloud platforms, „Sensors” 2021, t. 21, nr 7.
6.
Lasota K., Niewiadomska-Szynkiewicz E., Kozakiewicz A., Adaptacja rozwiązań honeypot dla sieci czujników, „Studia Informatica” 2012, t. 33, nr 1.
7.
Martinez J., Pérez M., Ruiz-Martínez A., A novel machine learning-based approach for the detection of ssh botnet infection, „Future Generation Computer Systems” 2021, t. 115.
8.
Memari N., Hashim S., Samsudin K., Network probe patterns against a honeynet in Malaysia, „Defence S and T Technical Bulletin” 2015, t. 8, nr 1.
9.
Navarro Ferrer O., Analysis of reinforcement learning techniquesapplied to honeypot systems,” Master’s thesis, Universitat Oberta de Catalunya, Barcelona 2021.
10.
Rabadia P., Valli C., Ibrahim A., Baig Z., Analysis of attempted intrusions: intelligence gathered from ssh honeypots [w:] The 15th Australian Digital Forensics Conference, Perth 2017.
11.
Sadique F., Sengupta S., Analysis of attacker behavior in compromised hosts during command and control [w:] ICC 2021 – IEEE International Conference on Communications, Montreal 2021.
12.
Satria E., Huda T.P.S., Iqbal M., Sarjana F., The investigation on cowrie honeypot logs in establishing rule signature snort [w:] International Conference on Agricultural Technology, Engineering, and Environmental Sciences (ICATES), Banda Aceh 2020.
13.
Setianto F. i in., Gpt-2c: A gpt-2 parser for cowrie honeypot logs, 2021, https://arxiv.org/abs/2109.065... [dostęp: 7.01.2023].
14.
Ukkonen E., On-line construction of suffix trees, „Algorithmica” 1995, t. 14, nr 3.
15.
Wang B., Chen J., Yu C., An ai-powered network threat detection system, „IEEE Access” 2022, t. 10.
Share
RELATED ARTICLE
| ISSN: | 2658-1493 |
We process personal data collected when visiting the website. The function of obtaining information about users and their behavior is carried out by voluntarily entered information in forms and saving cookies in end devices. Data, including cookies, are used to provide services, improve the user experience and to analyze the traffic in accordance with the Privacy policy. Data are also collected and processed by Google Analytics tool (more).
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
