Exploring Extensions Of Traditional Honeypot Systems And Testing The Impact On Attack Profiling

Author

Robert Wesley McGrew

Issuing Body

Mississippi State University

Advisor

Vaughn, Rayford B.

Committee Member

Dampier, David A.

Committee Member

Ramkumar, Mahalingam

Date of Degree

12-10-2005

Document Type

Graduate Thesis - Open Access

Major

Computer Science

Degree Name

Master of Science

College

James Worth Bagley College of Engineering

Department

Department of Computer Science and Engineering

Abstract

This thesis explores possibilities for extending the features of honeypot systems to decrease the chance of an attacker discovering that they have compromised a honeypot. It is proposed that by extending the period of time that an attacker spends on a honeypot oblivious to its status, more information relevant to profiling the attacker can be gained. Honeypots are computer systems that are deployed in a way that attackers can easily compromise them. These systems, which contain no production data, are useful both as early warning systems for attacks on production systems, and for studying the tools, techniques, and motives of attackers. Current honeypot systems mitigate the risks of running a honeypot by restricting out-bound traffic in a way that might be obvious to an attacker. The extensions proposed for honeypots will be tested in a controlled laboratory environment.

URI

https://hdl.handle.net/11668/17480

Recommended Citation

McGrew, Robert Wesley, "Exploring Extensions Of Traditional Honeypot Systems And Testing The Impact On Attack Profiling" (2005). Theses and Dissertations. 2168.
https://scholarsjunction.msstate.edu/td/2168