Honeypots and Routers

Collecting Internet Attacks, 1st Edition

By Mohssen Mohammed, Habib-ur Rehman

Auerbach Publications

190 pages | 39 B/W Illus.

Hardback: 9781498702195
pub: 2015-12-01
eBook (VitalSource): 9780429171956
pub: 2015-12-02

Description

As the number of Internet-based consumer transactions continues to rise, the need to protect these transactions against hacking becomes more and more critical. An effective approach to securing information on the Internet is to analyze the signature of attacks in order to build a defensive strategy. This book explains how to accomplish this using honeypots and routers. It discusses honeypot concepts and architecture as well as the skills needed to deploy the best honeypot and router solutions for any network environment.

Honeypots and Routers: Collecting Internet Attacks begins by providing a strong grounding in the three main areas involved in Internet security:

  • Computer networks: technologies, routing protocols, and Internet architecture
  • Information and network security: concepts, challenges, and mechanisms
  • System vulnerability levels: network, operating system, and applications

The book then details how to use honeypots to capture network attacks. A honeypot is a system designed to trap an adversary into attacking the information systems in an organization. The book describes a technique for collecting the characteristics of the Internet attacks in honeypots and analyzing them so that their signatures can be produced to prevent future attacks. It also discusses the role of routers in analyzing network traffic and deciding whether to filter or forward it.

The final section of the book presents implementation details for a real network designed to collect attacks of zero-day polymorphic worms. It discusses the design of a double-honeynet system architecture, the required software tools, and the configuration process using VMware. With the concepts and skills you learn in this book, you will have the expertise to deploy a honeypot solution in your network that can track attackers and provide valuable information about their source, tools, and tactics.

Table of Contents

Computer Networks

  • Devices
  • Medium
  • Network Topology
  • Network Protocols and Standards
  • Common Network Protocols
  • References

Information System Security

  • CIA Triad
  • Parkerian Hexad
  • Model for Information Assurance
  • Reference Model of Information Assurance and Security
  • Fundamentals of Hacking
  • References

Intrusions and Vulnerabilities

  • Network Vulnerability List
  • Operating System Vulnerability List
  • References

Malware

  • Introduction
  • Computer Viruses
  • Computer Worms
  • Worm Component
  • Worm Examples
  • Polymorphic Worms: Definition and Anatomy
  • Prevention and Detection of Worms
  • Intrusion Detection Systems
  • Firewalls
  • References

Honeypots

  • Definition and History of Honeypots
  • Types of Threats
  • Value of Honeypots
  • Honeypot Types Based on Interaction Level
  • Overview of Five Honeypots
  • Conclusion
  • References

Security Systems

  • Firewall
  • Antivirus
  • Intrusion Detection and Prevention Systems
  • References

Zero-Day Polymorphic Worms Collection Method

  • Motivation of Double-Honeynet System
  • Double-Honeynet Architecture
  • Software
  • Double-Honeynet System Configurations
  • Summary
  • References

About the Authors

Mohssen Mohammed received his B.Sc. (Honors) degree in Computer Science from Computer Man College for Computer Studies (Future University), Khartoum, Sudan, in 2003. In 2006, he received his M.Sc. degree in Computer Science from the Faculty of Mathematical Sciences, University of Khartoum, Sudan. In 2012, he received his PhD in Electrical Engineering from Cape Town University, South Africa. He has published several papers at top international conferences such as GLOBECOM and MILCOM. He has served as a Technical Program Committee member in numerous international conferences, such as ICSEA 2010 and ICNS 2011. He received the University of Cape Town prize for International Scholarship for Academic Merit (2007, 2008, and 2009). From 2005 to 2012, he worked as a permanent academic staff member at the University of Juba, South of Sudan. He is now working as an Assistant Professor in the College of Computer Science & Information Technology, Bahri University, Khartoum, Sudan. His research interests include network security, especially intrusion detection and prevention systems, honeypots, firewalls, and malware detection methods.

Habib-ur Rehman completed his doctoral studies in 2009 at the Technische Universitaet Carolo Wilhelmina zu Braunschweig, Germany. Earlier, he obtained his MS degree in 2004 from the Lahore University of Management Sciences, Lahore, Pakistan. He worked as an Assistant Professor at the National Textile University, Faisalabad, Pakistan, and National University of Computer and Emerging Sciences, Islamabad, Pakistan. Since early 2012, he has been teaching at the Al-Imam Muhammad Ibn Saud Islamic University, Riyadh, KSA. His primary research interests are the design and development of network protocols, schemes, and models for mobile and ad hoc networks. He has focused on the issues of routing, MAC, streaming, security, and information sharing in his research. He has also supervised undergrad students in the development of useful Android applications.

Subject Categories

BISAC Subject Codes/Headings:

  • COM043000: COMPUTERS / Networking / General
  • COM053000: COMPUTERS / Security / General
  • COM060000: COMPUTERS / Internet / General