Abstract
This paper presents the application of deception theory to improve the success of client honeypots at detecting malicious web page attacks from infected servers programmed by online criminals to launch drive-by-download attacks. The design of honeypots faces three main challenges: deception, how to design honeypots that seem real systems; counter-deception, techniques used to identify honeypots and hence defeating their deceiving nature; and counter counter-deception, how to design honeypots that deceive attackers. The authors propose the application of a deception model known as the deception planning loop to identify the current status on honeypot research, development and deployment. The analysis leads to a proposal to formulate a landscape of the honeypot research and planning of steps ahead. © 2009 Springer.
Author supplied keywords
Cite
CITATION STYLE
Endicott-Popovsky, B., Narvaez, J., Seifert, C., Frincke, D. A., O’Neil, L. R., & Aval, C. (2009). Use of deception to improve client honeypot detection of drive-by-download attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5638 LNAI, pp. 138–147). https://doi.org/10.1007/978-3-642-02812-0_17
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
