Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Gokul seminar

455 Aufrufe

Veröffentlicht am

Veröffentlicht in: Technologie, Reisen
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

Gokul seminar

  1. 1. BITS Pilani Hyderabad Campus Co-operative Deployment in a Honeynet System Gokul Kannan. S
  2. 2. Design of Co-operative Deployment in a Distributed Honeynet System Authors: Haifeng Wang, Wingkui Chen Publication: 2010: 14th International Conference on Computer Supported Co-operative Work in Design Objective: To make honeypots easier to deploy & make it more difficult to detect. BITS Pilani, Hyderabad Campus
  3. 3. Architecture BITS Pilani, Hyderabad Campus
  4. 4. Multi-Agent System (MAS) • Multiple agent systems • Agent system (Autonomous System) • • • • Term autonomous originates from the Greek term: autos meaning self and nomos meaning rule or law. Enabling systems to operate independently, without external intervention. Intelligent Systems (systems running AI algorithms) Communication, Monitoring, Decision-Making • Goal-based • • Learn & reason towards achieving their goals Same goal BITS Pilani, Hyderabad Campus
  5. 5. Multi-Agent System (MAS) • 3 types of agents (as per this paper) • Honeypot Agent (H.Ag) – Monitors a set of honeypots – Sends report to D.Ag – Executor of deployment • Host collector Agent (C.Ag) – Collect information about network – Sends report to D.Ag • Deploy Agent (D.Ag) – Get reports from C.Ag and H.Ag – Communicate with other D.Ag (if a best deploy scheme is available) BITS Pilani, Hyderabad Campus
  6. 6. Honey-Farm System (HFS) • Contains a collection of virtual honeypots • Induce degree – the capacity of inducing attackers • Virtual honeypots can be one of the following • • • Low Interaction High Interaction Medium Interaction BITS Pilani, Hyderabad Campus
  7. 7. Computer Network System • Contains a set of computer nodes • OS type: Windows (different versions), Linux • Host-alter degree • Host changing rule • IPActive BITS Pilani, Hyderabad Campus
  8. 8. Challenges in deployment • Type of interaction (low, high, medium) • Honeypot position • • • • • Outside the security system Inside the security system (DMZ) Sub-networks behind firewall Inside the intranet etc. • Distribution of honeypots • • • Nh – no. of honeypots Np – no. of computers P – rate of protection BITS Pilani, Hyderabad Campus
  9. 9. Co-operative Deploy Strategy BITS Pilani, Hyderabad Campus
  10. 10. Algorithm 1: Collect status of computer network BITS Pilani, Hyderabad Campus
  11. 11. Algorithm 2: Collect status of honeyfarm BITS Pilani, Hyderabad Campus
  12. 12. Algorithm 3: Learning & Final Decision BITS Pilani, Hyderabad Campus
  13. 13. Algorithm 3: Learning & Final Decision BITS Pilani, Hyderabad Campus
  14. 14. Algorithm 4: Co-operative Deploy BITS Pilani, Hyderabad Campus
  15. 15. Experiments BITS Pilani, Hyderabad Campus
  16. 16. Experiments BITS Pilani, Hyderabad Campus
  17. 17. Thank You !! BITS Pilani, Hyderabad Campus

×