Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm

Xiaobo Ma; Jiahong Zhu; Zhiyu Wan; Jing Tao; Xiaohong Guan; Qinghua Zheng

doi:10.1109/WCICA.2010.5554909

Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm

Xiaobo Ma
, Jiahong Zhu
, Zhiyu Wan
, Jing Tao
, Xiaohong Guan
, Qinghua Zheng

Faculty of Electronic and Information Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Scopus citations

Abstract

We present a honeynet-based collaborative defense framework and an improved highly predictive blacklisting algorithm is developed to generate highly personalized and predictive blacklists for individual networks by correlating historic attackers captured by honeynet deployed in each network. In this way, different networks can defend new attackers in a collaborative way because one network will notify another network, by dint of honeynet, of the most probable attackers in the near future based on their historic correlation. A relatively proactive defense strategy is realized based on honeynet in a collaborative way and we evaluated our algorithm with real-world honeynet traces captured in different subnets. The results show our method can generate highly personalized and predictive blacklists for individual networks with a high hit rate and defense rate.

Original language	English
Title of host publication	2010 8th World Congress on Intelligent Control and Automation, WCICA 2010
Pages	1283-1288
Number of pages	6
DOIs	https://doi.org/10.1109/WCICA.2010.5554909
State	Published - 2010
Event	2010 8th World Congress on Intelligent Control and Automation, WCICA 2010 - Jinan, China Duration: 7 Jul 2010 → 9 Jul 2010

Publication series

Name	Proceedings of the World Congress on Intelligent Control and Automation (WCICA)

Conference

Conference	2010 8th World Congress on Intelligent Control and Automation, WCICA 2010
Country/Territory	China
City	Jinan
Period	7/07/10 → 9/07/10

Keywords

Blacklist
Collaborative Defense
Honeynet
Network Security

Access to Document

10.1109/WCICA.2010.5554909

Cite this

Ma, X., Zhu, J., Wan, Z., Tao, J., Guan, X., & Zheng, Q. (2010). Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm. In 2010 8th World Congress on Intelligent Control and Automation, WCICA 2010 (pp. 1283-1288). Article 5554909 (Proceedings of the World Congress on Intelligent Control and Automation (WCICA)). https://doi.org/10.1109/WCICA.2010.5554909

@inproceedings{ffd07760b6fa4f81a4e930fd5e59be79,

title = "Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm",

abstract = "We present a honeynet-based collaborative defense framework and an improved highly predictive blacklisting algorithm is developed to generate highly personalized and predictive blacklists for individual networks by correlating historic attackers captured by honeynet deployed in each network. In this way, different networks can defend new attackers in a collaborative way because one network will notify another network, by dint of honeynet, of the most probable attackers in the near future based on their historic correlation. A relatively proactive defense strategy is realized based on honeynet in a collaborative way and we evaluated our algorithm with real-world honeynet traces captured in different subnets. The results show our method can generate highly personalized and predictive blacklists for individual networks with a high hit rate and defense rate.",

keywords = "Blacklist, Collaborative Defense, Honeynet, Network Security",

author = "Xiaobo Ma and Jiahong Zhu and Zhiyu Wan and Jing Tao and Xiaohong Guan and Qinghua Zheng",

year = "2010",

doi = "10.1109/WCICA.2010.5554909",

language = "英语",

isbn = "9781424467129",

series = "Proceedings of the World Congress on Intelligent Control and Automation (WCICA)",

pages = "1283--1288",

booktitle = "2010 8th World Congress on Intelligent Control and Automation, WCICA 2010",

note = "2010 8th World Congress on Intelligent Control and Automation, WCICA 2010 ; Conference date: 07-07-2010 Through 09-07-2010",

}

Ma, X, Zhu, J, Wan, Z, Tao, J, Guan, X & Zheng, Q 2010, Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm. in 2010 8th World Congress on Intelligent Control and Automation, WCICA 2010., 5554909, Proceedings of the World Congress on Intelligent Control and Automation (WCICA), pp. 1283-1288, 2010 8th World Congress on Intelligent Control and Automation, WCICA 2010, Jinan, China, 7/07/10. https://doi.org/10.1109/WCICA.2010.5554909

Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm. / Ma, Xiaobo; Zhu, Jiahong; Wan, Zhiyu et al.
2010 8th World Congress on Intelligent Control and Automation, WCICA 2010. 2010. p. 1283-1288 5554909 (Proceedings of the World Congress on Intelligent Control and Automation (WCICA)).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm

AU - Ma, Xiaobo

AU - Zhu, Jiahong

AU - Wan, Zhiyu

AU - Tao, Jing

AU - Guan, Xiaohong

AU - Zheng, Qinghua

PY - 2010

Y1 - 2010

N2 - We present a honeynet-based collaborative defense framework and an improved highly predictive blacklisting algorithm is developed to generate highly personalized and predictive blacklists for individual networks by correlating historic attackers captured by honeynet deployed in each network. In this way, different networks can defend new attackers in a collaborative way because one network will notify another network, by dint of honeynet, of the most probable attackers in the near future based on their historic correlation. A relatively proactive defense strategy is realized based on honeynet in a collaborative way and we evaluated our algorithm with real-world honeynet traces captured in different subnets. The results show our method can generate highly personalized and predictive blacklists for individual networks with a high hit rate and defense rate.

AB - We present a honeynet-based collaborative defense framework and an improved highly predictive blacklisting algorithm is developed to generate highly personalized and predictive blacklists for individual networks by correlating historic attackers captured by honeynet deployed in each network. In this way, different networks can defend new attackers in a collaborative way because one network will notify another network, by dint of honeynet, of the most probable attackers in the near future based on their historic correlation. A relatively proactive defense strategy is realized based on honeynet in a collaborative way and we evaluated our algorithm with real-world honeynet traces captured in different subnets. The results show our method can generate highly personalized and predictive blacklists for individual networks with a high hit rate and defense rate.

KW - Blacklist

KW - Collaborative Defense

KW - Honeynet

KW - Network Security

UR - https://www.scopus.com/pages/publications/77958114276

U2 - 10.1109/WCICA.2010.5554909

DO - 10.1109/WCICA.2010.5554909

M3 - 会议稿件

AN - SCOPUS:77958114276

SN - 9781424467129

T3 - Proceedings of the World Congress on Intelligent Control and Automation (WCICA)

SP - 1283

EP - 1288

BT - 2010 8th World Congress on Intelligent Control and Automation, WCICA 2010

T2 - 2010 8th World Congress on Intelligent Control and Automation, WCICA 2010

Y2 - 7 July 2010 through 9 July 2010

ER -

Honeynet-based collaborative defense using improved highly predictive blacklisting algorithm

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this