Technology Independent Honeynet Description Language

Wenjun Fan, David Fernández, Víctor A. Villagrá

Abstract

Several languages have been proposed for describing networks of systems, whether to help manage them, simulate them, or deploy testbeds for testing purposes. However, none is specifically designed to describe honeynets, covering the specific characteristics, in terms of applications and tools, of the honeypot systems that make up a honeynet. In this paper, the requirements of honeynet description are studied and a survey of existing description languages is presented, concluding that CIM (Common Information Model) matches the basic requirements. Thus, a CIM-like technology independent honeynet description language (TIHDL) is proposed. The language is defined to be independent of the platform where the honeynet will later be deployed, and it can be translated, using either model-driven techniques or other translation mechanisms, into the description languages of honeynet deployment platforms and tools. This approach gives the flexibility to combine heterogeneous deployment platforms. In addition, a flexible virtual honeynet generation tool (HoneyGen), based on the proposed approach and description language and capable of deploying honeynets over the VNX (Virtual Networks over LinuX) and Honeyd platforms, is presented for validation purposes.



Paper Citation


in Harvard Style

Fan W., Fernández D. and A. Villagrá V. (2015). Technology Independent Honeynet Description Language. In Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development - Volume 1: MODELSWARD, ISBN 978-989-758-083-3, pages 303-311. DOI: 10.5220/0005245503030311


in Bibtex Style

@conference{modelsward15,
author={Wenjun Fan and David Fernández and Víctor A. Villagrá},
title={Technology Independent Honeynet Description Language},
booktitle={Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development - Volume 1: MODELSWARD},
year={2015},
pages={303-311},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005245503030311},
isbn={978-989-758-083-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development - Volume 1: MODELSWARD
TI - Technology Independent Honeynet Description Language
SN - 978-989-758-083-3
AU - Fan W.
AU - Fernández D.
AU - A. Villagrá V.
PY - 2015
SP - 303
EP - 311
DO - 10.5220/0005245503030311