Analysis of attackers against windows emulating honeypots in various types of networks and regions

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F61988987%3A17310%2F16%3AA1701IO6" target="_blank" >RIV/61988987:17310/16:A1701IO6 - isvavai.cz</a>

Výsledek na webu

—

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

Analysis of attackers against windows emulating honeypots in various types of networks and regions

Popis výsledku v původním jazyce

The paper is devoted to an analysis of a one-year-long period of operation of a honeynet composed of 6 Dionaea honeypots emulating Windows services. The analysis focused on the frequency of attacks according to the location of individual honeypots (sensors) as well as to the geographical location of attackers. From the statistical processing of the results, it was demonstrated that the most frequently attacking malware was well-known Conficker worm. Moreover, attacking OS were studied with the conclusion that Windows is the most frequent OS. Regarding the geographical location of the attackers, several non-western countries and autonomous systems were indicated as being the most frequent origin of the attacks.

Název v anglickém jazyce

Analysis of attackers against windows emulating honeypots in various types of networks and regions

Popis výsledku anglicky

The paper is devoted to an analysis of a one-year-long period of operation of a honeynet composed of 6 Dionaea honeypots emulating Windows services. The analysis focused on the frequency of attacks according to the location of individual honeypots (sensors) as well as to the geographical location of attackers. From the statistical processing of the results, it was demonstrated that the most frequently attacking malware was well-known Conficker worm. Moreover, attacking OS were studied with the conclusion that Windows is the most frequent OS. Regarding the geographical location of the attackers, several non-western countries and autonomous systems were indicated as being the most frequent origin of the attacks.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2016

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

International Conference on Ubiquitous and Future Networks, ICUFN

ISBN

978-1-4673-9991-3

ISSN

2165-8528

e-ISSN

—

Počet stran výsledku

6

Strana od-do

863-868

Název nakladatele

IEEE Computer Society

Místo vydání

—

Místo konání akce

Wien, Austria

Datum konání akce

1. 1. 2016

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000390165600194