Building a cognizant honeypot for detecting active fingerprinting attacks using dynamic fuzzy rule interpolation
Expert Systems (IF 3.0), Pub Date: 2020-04-16, DOI: 10.1111/exsy.12557
Nitin Naik 1, Changjing Shang 2, Paul Jenkins 1, Qiang Shen 2

The dynamic fuzzy rule interpolation (D-FRI) technique delivers a dynamic rule base by using fuzzy rule interpolation to infer more accurate results for a given application problem. The dynamic rule base that D-FRI offers is very useful in security areas, where network conditions are always volatile and require the most up-to-date rule base. A honeypot is a vital part of any security infrastructure for directly investigating attacks and attackers in real time to strengthen the overall security of the network. However, a honeypot, as a concealed system, can only function successfully while its identity is not revealed to any attackers. Attackers always attempt to uncover such honeypots to avoid any trap and strengthen their attacks. An active fingerprinting attack is used to detect these honeypots by injecting purposefully designed traffic into a network. Such an attack can be prevented by controlling the traffic, but this makes the honeypot an unusable system if its interaction with the outside world is limited. Alternatively, it is practically more useful if this fingerprinting attack is detected in real time to manage its immediate consequences and protect the honeypot. This article offers an approach to building a cognizant honeypot for detecting active fingerprinting attacks through the utilisation of the established D-FRI technique. It is based on the use of just a sparse rule base while remaining capable of detecting active fingerprinting attacks when the system does not find any matching rules. It also learns from current network conditions and offers a dynamic rule base to facilitate more accurate and efficient detection.

Updated: 2020-04-16