U.S. Department of Energy
Office of Scientific and Technical Information

Use of Deception to Improve Client Honeypot Detection of Drive-by-Download Attacks

Book · OSTI ID: 985019

This paper presents the application of deception theory to improve the success of client honeypots at detecting malicious web page attacks from infected servers programmed by online criminals to launch drive-by-download attacks. The design of honeypots faces three main challenges: deception, how to design honeypots that seem like real systems; counter-deception, the techniques used to identify honeypots and hence defeat their deceptive nature; and counter counter-deception, how to design honeypots that deceive attackers. The authors propose the application of a deception model known as the deception planning loop to identify the current status of honeypot research, development and deployment. The analysis leads to a proposal to formulate a landscape of honeypot research and the planning of steps ahead.

Research Organization:
Pacific Northwest National Laboratory (PNNL), Richland, WA (US)
Sponsoring Organization:
USDOE
DOE Contract Number:
AC05-76RL01830
OSTI ID:
985019
Report Number(s):
PNNL-SA-65284
Country of Publication:
United States
Language:
English

Similar Records

Justifying the need for forensically ready protocols: A case study of identifying malicious web servers using client honeypots
Conference · Wed Jan 02 23:00:00 EST 2008 · OSTI ID:983444

Drive-by-Downloads
Conference · Sun Jan 31 23:00:00 EST 2010 · OSTI ID:983423

Identifying and Analyzing Web Server Attacks
Book · Fri Aug 29 00:00:00 EDT 2008 · OSTI ID:983441