Secure (S)Hell: Introducing an SSH Deception Proxy Framework
@article{Reti2021SecureI, title={Secure (S)Hell: Introducing an SSH Deception Proxy Framework}, author={Daniel Reti and David Klaassen and Simon D. Duque Ant{\'o}n and Hans D. Schotten}, journal={2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)}, year={2021}, pages={1-6} }
Deceiving an attacker in the network security domain is a well established approach, mainly achieved through deployment of honeypots consisting of open network ports with the sole purpose of raising an alert on a connection. With attackers becoming more careful to avoid honeypots, other decoy elements on real host systems continue to create uncertainty for attackers. This uncertainty makes an attack more difficult, as an attacker cannot be sure whether the system does contain deceptive elements…
One Citation
Research on Network Security Situational Awareness Based on Crawler Algorithm
- Computer ScienceSecurity and Communication Networks
- 2022
By designing a network security event analysis tool based on text processing, the data cleaning of network security time text information is completed, and a set of networkSecurity event processing solutions with high applicability and comprehensiveness are formed.
References
SHOWING 1-10 OF 18 REFERENCES
A Honeypot Proxy Framework for Deceiving Attackers with Fabricated Content
- Computer Science
- 2018
This paper discusses the idea of deceiving attackers with fake services and fabricated content in order to find out more about malware’s functionality and to hamper cyber intelligence.
YAAS - On the Attribution of Honeypot Data
- Computer ScienceInt. J. Cyber Situational Aware.
- 2017
A holistic scheme to derive characteristics from honeypot data and to map this data to an attacker model is introduced, which results in most attacks being rather harmless, but a few outliers have been identified.
Demystifying Deception Technology: A Survey
- Computer ScienceArXiv
- 2018
An extensive overview of the deception technology environment is presented and taxonomies, theoretical backgrounds, psychological aspects as well as concepts, implementations, legal aspects and ethics are discussed and compared.
Investigation of modern attacks using proxy honeypot
- Computer Science2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)
- 2018
Implementation of the honeypot based on the open proxy server allows to log all activity on the investigated proxy and classification of malicious users and the statistics of the attacks' sources are provided.
Evaluation of Deception-Based Web Attacks Detection
- Computer ScienceMTD@CCS
- 2017
A preliminary study seems to suggest that deception is a valuable companion of other detection techniques but it may not be suitable as a single standalone protection mechanism.
Parameter manipulation attack prevention and detection by using web application deception proxy
- Computer ScienceIMCOM
- 2017
This paper proposes web application deception proxy as a defense approach, and it is shown that it is very helpful to prevent and detect web application attacks.
IBM Security , “ Cost of a data breach report 2020 , ” 2020 . [ Online ]
The cyber kill chain," last visited 03-11-2020