1st Edition

Honeypots and Routers
Collecting Internet Attacks




ISBN 9781498702195
Published December 1, 2015 by Auerbach Publications
190 Pages - 39 B/W Illustrations

 

Book Description

As the number of Internet-based consumer transactions continues to rise, the need to protect these transactions against hacking becomes more and more critical. An effective approach to securing information on the Internet is to analyze the signature of attacks in order to build a defensive strategy. This book explains how to accomplish this using honeypots and routers. It discusses honeypot concepts and architecture as well as the skills needed to deploy the best honeypot and router solutions for any network environment.

Honeypots and Routers: Collecting Internet Attacks begins by providing a strong grounding in the three main areas involved in Internet security:

  • Computer networks: technologies, routing protocols, and Internet architecture
  • Information and network security: concepts, challenges, and mechanisms
  • System vulnerability levels: network, operating system, and applications

The book then details how to use honeypots to capture network attacks. A honeypot is a system designed to trap an adversary into attacking the information systems in an organization. The book describes a technique for collecting the characteristics of Internet attacks in honeypots and analyzing them so that their signatures can be produced to prevent future attacks. It also discusses the role of routers in analyzing network traffic and deciding whether to filter or forward it.

The final section of the book presents implementation details for a real network designed to collect attacks of zero-day polymorphic worms. It discusses the design of a double-honeynet system architecture, the required software tools, and the configuration process using VMware. With the concepts and skills you learn in this book, you will have the expertise to deploy a honeypot solution in your network that can track attackers and provide valuable information about their source, tools, and tactics.

Table of Contents

Computer Networks
Devices
Medium
Network Topology
Network Protocols and Standards
Common Network Protocols
References

Information System Security
CIA Triad
Parkerian Hexad
Model for Information Assurance
Reference Model of Information Assurance and Security
Fundamentals of Hacking
References

Intrusions and Vulnerabilities
Network Vulnerability List
Operating System Vulnerability List
References

Malware
Introduction
Computer Viruses
Computer Worms
Worm Component
Worm Examples
Polymorphic Worms: Definition and Anatomy
Prevention and Detection of Worms
Intrusion Detection Systems
Firewalls
References

Honeypots
Definition and History of Honeypots
Types of Threats
Value of Honeypots
Honeypot Types Based on Interaction Level
Overview of Five Honeypots
Conclusion
References

Security Systems
Firewall
Antivirus
Intrusion Detection and Prevention Systems
References

Zero-Day Polymorphic Worms Collection Method
Motivation of Double-Honeynet System
Double-Honeynet Architecture
Software
Double-Honeynet System Configurations
Summary
References

...

Author(s)

Biography

Mohssen Mohammed received his B.Sc. (Honors) degree in Computer Science from Computer Man College for Computer Studies (Future University), Khartoum, Sudan, in 2003. In 2006, he received his M.Sc. degree in Computer Science from the Faculty of Mathematical Sciences, University of Khartoum, Sudan. In 2012, he received his PhD in Electrical Engineering from Cape Town University, South Africa. He has published several papers at top international conferences such as GLOBECOM and MILCOM. He has served as a Technical Program Committee member in numerous international conferences, such as ICSEA 2010 and ICNS 2011. He received the University of Cape Town prize for International Scholarship for Academic Merit (2007, 2008, and 2009). From 2005 to 2012, he worked as a permanent academic staff member at the University of Juba, South of Sudan. He is now working as an Assistant Professor in the College of Computer Science & Information Technology, Bahri University, Khartoum, Sudan. His research interests include network security, especially intrusion detection and prevention systems, honeypots, firewalls, and malware detection methods.

Habib-ur Rehman completed his doctoral studies in 2009 at the Technische Universitaet Carolo Wilhelmina zu Braunschweig, Germany. Earlier, he obtained his MS degree in 2004 from the Lahore University of Management Sciences, Lahore, Pakistan. He worked as an Assistant Professor at the National Textile University, Faisalabad, Pakistan, and National University of Computer and Emerging Sciences, Islamabad, Pakistan. Since early 2012, he has been teaching at the Al-Imam Muhammad Ibn Saud Islamic University, Riyadh, KSA. His primary research interests are the design and development of network protocols, schemes, and models for mobile and ad hoc networks. He has focused on the issues of routing, MAC, streaming, security, and information sharing in his research. He has also supervised undergrad students in the development of useful Android applications.