Cybersecurity and Honeypots: Experience in a Scientific Network Infrastructure

Juan Luis Martin Acal, Gustavo Romero López, Pablo Palacín Gómez, Pablo García Sánchez, Juan Julián Merelo Guervós, Pedro A. Castillo Valdivieso

2015

Abstract

When dealing with security concerns in the use of network infrastructures a good balance between security concerns and the right to privacy should be maintained. This is very important in scientific networks, because they were created with an open and decentralized philosophy, in favor of the transmission of knowledge, when security was not a essential topic. Although private and scientific information have an enormous value for an attacker, the user privacy for legal and ethical reasons must be respected. Thus, passive detection methods in cybersecurity such as honeypots are a good strategy to achieve this balance between security and privacy in the defense plan of a scientific network. In this paper we present the practical case of the University of Granada in the application of honeypots for the detection and study of intrusions, which avoid intrusive techniques such as the direct analysis of the traffic through networking devices.

References

  1. Ari Takanen, Jared D. DeMott, C. M. (2008). Fuzzing for Software Security Testing and Quality Assurance. Artech-House, 685 Canton Street,Norwood.
  2. Cheswick, B. (1992). An evening with berferd in which a cracker is lured, endured, and studied. In In Proc. Winter USENIX Conference, pages 163-174.
  3. Cisco Technology Inc (2014). Cisco 2014 annual security report. http://www.cisco. com/web/offer/gist ty2 asset/Cisco 2014 ASR.pdf.
  4. CNI-Centro Critográfico Nacional (2014). Informe de amenazas ccn-cer tia-03/14: Ciberamenazas 2013 y tendencias 2014. https://www.ccncert.cni.es/publico/dmpublidocuments/CCN-CERT IA-03-14-Ciberamenazas 2013 Tendencias 2014- publico.pdf.
  5. CNI-Centro Critográfico Nacional (2015). Ccn-cert ia-09/15 ciberamenazas 2014 tendencias 2015 - resumen ejecutivo april 2015. https://www.ccncert.cni.es/publico/dmpublidocuments/IE-Ciberame nazas2014-Tendencias-2015.pdf.
  6. ESSET Latino América (2015). Tendencias 2015: El mundo corporativo en la mira. http://www. welivesecurity.com/wp-content/uploads/ 2015/01/tendencias 2015 eset mundo corporativo.pdf.
  7. Fred Cohen (1998). A note on the role of deception in information protection. 17(6):483-506.
  8. Kohonen, T. (1990). The self-organizing map. Proceedings of the IEEE, 78(9):1464-1480.
  9. Microsoft (2008). Microsoft Security bulletin ms08-067 - critical. http://www.microsoft. com/technet/security/Bulletin/MS08-067.mspx.
  10. Panda, M. and Patra., M. R. (2009). Building an efficient network intrusion detection model using self organising maps. Proceeding of world academy of science, engineering and technology, 38.
  11. Project, H. (2000). ”know your enemy. the tools and methodologies of the script kiddie”. ”Know Your Enemies”: series .
  12. Seifert, C., Welch, I., and Komisarczuk, P. (2006). Taxonomy of honeypots.
  13. Sood, A. and Enbody, R. (2013). Targeted cyberattacks: A superset of advanced persistent threats. Security & Privacy, IEEE, 11(1):54-61.
  14. Subdirección General de Organizaci ón y Automación, Secretaía General T écnica, Ministerio de Educación y Ciencia (1985). Proyecto iris. https:// www.rediris.es/rediris/historia/programa-iris.pdf.
  15. Verizon Enterprise (2015). 2015 data breach investigations report. http://www.verizonenterprise. com/resources/reports/rp data-breach-investigationreport-2015 en xg.pdf.
Download


Paper Citation


in Harvard Style

Martin Acal J., Romero López G., Palacín Gómez P., García Sánchez P., Merelo Guervós J. and Castillo Valdivieso P. (2015). Cybersecurity and Honeypots: Experience in a Scientific Network Infrastructure . In Proceedings of the 7th International Joint Conference on Computational Intelligence - Volume 1: ECTA, ISBN 978-989-758-157-1, pages 313-318. DOI: 10.5220/0005620203130318


in Bibtex Style

@conference{ecta15,
author={Juan Luis Martin Acal and Gustavo Romero López and Pablo Palacín Gómez and Pablo García Sánchez and Juan Julián Merelo Guervós and Pedro A. Castillo Valdivieso},
title={Cybersecurity and Honeypots: Experience in a Scientific Network Infrastructure},
booktitle={Proceedings of the 7th International Joint Conference on Computational Intelligence - Volume 1: ECTA,},
year={2015},
pages={313-318},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005620203130318},
isbn={978-989-758-157-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 7th International Joint Conference on Computational Intelligence - Volume 1: ECTA,
TI - Cybersecurity and Honeypots: Experience in a Scientific Network Infrastructure
SN - 978-989-758-157-1
AU - Martin Acal J.
AU - Romero López G.
AU - Palacín Gómez P.
AU - García Sánchez P.
AU - Merelo Guervós J.
AU - Castillo Valdivieso P.
PY - 2015
SP - 313
EP - 318
DO - 10.5220/0005620203130318