Loughborough University
Leicestershire, UK
LE11 3TU
+44 (0)1509 263171
Loughborough University

Loughborough University Institutional Repository

Please use this identifier to cite or link to this item: https://dspace.lboro.ac.uk/2134/3918

Title: Honey Plotter and the Web of Terror
Authors: Withall, Mark S.
de Silva, M. Shirantha
Parish, David J.
Phillips, Iain W.
Keywords: Internet
Relational databases
Security of data
Statistical analysis
Telecommunication security
Telecommunication traffic
Issue Date: 2007
Publisher: © IEEE
Citation: WITHALL, M.S. ... et al, 2007. Honey Plotter and the Web of Terror. IN: Proceedings of 16th International Conference on Computer Communications and Networks, ICCCN 2007, 13-16 August, pp. 1262-1266.
Abstract: Honeypots are a useful tool for discovering the distribution of malicious traffic on the Internet and how that traffic evolves over time. In addition, they allow an insight into new attacks appearing. One major problem is analysing the large amounts of data generated by such honeypots and correlating between multiple honeypots. Honey Plotter is a web-based query and visualisation tool to allow investigation into data gathered by a distributed honeypot network. It is built on top of a relational database, which allows great flexibility in the questions that can be asked and has automatic generation of visualisations based on the results of queries. The main focus is on aggregate statistics but individual attacks can also be analysed. Statistical comparison of distributions is also provided to assist with detecting anomalies in the data; helping separate out common malicious traffic from new threats and trends. Two short case studies are presented to give an example of the types of analysis that can be performed.
Description: This is a conference paper [© IEEE] and it is also available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=4317994&isnumber=4317770. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
DOI: 10.1109/ICCCN.2007.4317994
URI: https://dspace.lboro.ac.uk/2134/3918
ISSN: 1095-2055
Appears in Collections:Conference Papers and Presentations (Computer Science)

Files associated with this item:

File Description SizeFormat
HarryPlotterAndTheWebOfTerror.pdf290.56 kBAdobe PDFView/Open


SFX Query

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.