Honeynet based Defensive mechanism Against DDoS Attacks

The Internet we use today is expanding faster than we could have imagined. Since the dawn of the Internet, there has been an exponential increase in the number of websites and in the quantity of data on them. According to recent data released by Google, as of October 2018 there are more than 1.9 billion websites on the Internet, and more than 85,000 sites have been hacked or overrun by hackers all over the globe. These are huge and frightening numbers. Most hackers attack websites to collect useful information and to deprive legitimate users of the information or services they require. This is called Denial of Service (DoS). It has another important variant, known as Distributed Denial of Service (DDoS), in which attackers attack in a distributed manner from various locations. To curtail this problem, the honeypot was introduced in 1991; it takes all attacks on itself and studies the attack pattern. As time passed, various types of honeypots were introduced, such as honeytokens and honeynets. Honeypots allow all attacks on themselves and make attackers think they have access to the real system, while the honeypots study the attackers' attack patterns. Before the honeypots, a filtering algorithm is used which, with the help of a pre-defined sink server, predicts whether a given packet is malicious or not; the help of the ISP can also be taken if the sink server does not have any information about the sender of the given data packets. To further enhance the capability of the honeynet cloud, various types of services, such as HTTP, CBR and FTP, can be deployed on it. We used the NS2 simulator to run the proposed work, and the results are presented as graphs: the throughput of all three different types of honeypots, and the bandwidth and packet loss of all services provided by the destination servers. The detection rate of malicious packets is calculated and a comparison is made between the different services provided by the honeynet cloud.
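The filtering step described above, sketched as an added example (not the authors' NS2 code): the sink-server and ISP tables, the addresses, the fail-open handling of unknown senders and the sample packets are all constructed assumptions. It shows how a sender that neither the sink server nor the ISP knows lowers the per-service detection rate.

```python
from collections import defaultdict

# Constructed tables (assumption): what the sink server and the ISP know about senders.
SINK_SERVER = {"10.0.0.5": "malicious", "10.0.0.9": "legitimate"}
ISP_RECORDS = {"172.16.4.2": "malicious", "172.16.4.7": "legitimate"}

def classify(src):
    """Return (verdict, decided_by). The ISP is asked only if the sink server has no record."""
    if src in SINK_SERVER:
        return SINK_SERVER[src], "sink"
    if src in ISP_RECORDS:
        return ISP_RECORDS[src], "isp"
    return "unknown", "none"

def route(packet):
    """Send malicious traffic to the matching honeynet service, everything else onward."""
    verdict, _ = classify(packet["src"])
    if verdict == "malicious":
        return "honeynet:" + packet["service"]
    # Assumption: senders with no record anywhere are forwarded (fail-open).
    return "destination"

def detection_rate(packets):
    """Per service: attack packets diverted to the honeynet / all attack packets."""
    seen, caught = defaultdict(int), defaultdict(int)
    for p in packets:
        if p["attack"]:  # ground-truth label, known only to the simulation
            seen[p["service"]] += 1
            if route(p).startswith("honeynet:"):
                caught[p["service"]] += 1
    return {svc: caught[svc] / seen[svc] for svc in seen}

# Constructed sample traffic for the three honeynet services named in the abstract.
PACKETS = [
    {"src": "10.0.0.5",    "service": "HTTP", "attack": True},
    {"src": "172.16.4.2",  "service": "HTTP", "attack": True},
    {"src": "192.0.2.50",  "service": "HTTP", "attack": True},   # unknown sender
    {"src": "10.0.0.9",    "service": "HTTP", "attack": False},
    {"src": "10.0.0.5",    "service": "FTP",  "attack": True},
    {"src": "172.16.4.7",  "service": "FTP",  "attack": False},
    {"src": "172.16.4.2",  "service": "CBR",  "attack": True},
    {"src": "192.0.2.50",  "service": "CBR",  "attack": True},   # unknown sender
]

if __name__ == "__main__":
    for svc, rate in sorted(detection_rate(PACKETS).items()):
        print(f"{svc}: {rate:.2f}")
```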
