Ontological model for predicting cyberattacks based on virtualized Honeynets
DOI:
https://doi.org/10.22335/rlct.v8i1.344
Keywords:
computer attacks, ontological model, vulnerabilities, security
Abstract
Honeynets are security tools widely used today to gather information from potential attackers about vulnerabilities in our network. Using them correctly requires understanding the existing types, the structures proposed, the tools used and current developments. However, a poorly planned honeypot or honeynet could give unwanted users an access point to the network we want to protect. The purpose of this article is to propose an ontological model for identifying the most common attack types from the use of honeynets, and its implementation in working scenarios. This model will facilitate decision-making about the placement of elements and components at the computer level in an organization.
License
This journal provides free and immediate access to its content (https://creativecommons.org/licenses/by/4.0/legalcode#languages), under the principle that making research available to the public free of charge supports greater global knowledge exchange. This means that the authors transfer the Copyrights to the journal, so that the material can be copied and distributed by any means, as long as the authors’ recognition is maintained, and the articles are not commercially used or modified in any way.