Behavioral signature generation using shadow honeypot
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F12%3APU101745" target="_blank" >RIV/00216305:26230/12:PU101745 - isvavai.cz</a>
Result on the web
<a href="http://www.waset.org/journals/waset/v65/v65-163.pdf" target="_blank" >http://www.waset.org/journals/waset/v65/v65-163.pdf</a>
DOI - Digital Object Identifier
—
Alternative languages
Result language
angličtina
Original language name
Behavioral signature generation using shadow honeypot
Original language description
The main goal is to present new method of detection zero-day buffer overflow vulnerabilities. This method is based on signature generation from network traffic. We provide the detection model that generates detection profiles by honeypot systems. In thisarticle we show 112 metrics that will be used for malware characterization in network traffic and we show the use of this method on two examples: abused buffer overflow vulnerability in FTP server and use of public known internet worm - Conficker.
Czech name
—
Czech description
—
Classification
Type
J<sub>x</sub> - Unclassified - Peer-reviewed scientific article (Jimp, Jsc and Jost)
CEP classification
IN - Informatics
OECD FORD branch
—
Result continuities
Project
<a href="/en/project/FR-TI1%2F037" target="_blank" >FR-TI1/037: *Automated attack processing</a><br>
Continuities
Z - Vyzkumny zamer (s odkazem do CEZ)
Others
Publication year
2012
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
An international Journal of Science, Engineering and Technology World Academy of Science Engineering and Technology
ISSN
2010-376X
e-ISSN
—
Volume of the periodical
2012
Issue of the periodical within the volume
65
Country of publishing house
ID - INDONESIA
Number of pages
5
Pages from-to
829-833
UT code for WoS article
—
EID of the result in the Scopus database
—