• Title/Summary/Keyword: Intruder Tracing

Search Result 11, Processing Time 0.014 seconds

An active intrusion-confronting method using fake session and Honeypot (거짓 세션과 허니팟을 이용한 능동적 침입 대응 기법)

  • 이명섭;신경철;박창현
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.7C
    • /
    • pp.971-984
    • /
    • 2004
  • In the coming age of information warfare, information security patterns need to be changed such as to the active approach using offensive security mechanisms rather than traditional passive approach just protecting the intrusions. In an active security environment, it is essential that, when detecting an intrusion, the immediate confrontation such as analysing the intrusion situation in realtime, protecting information from the attacks, and even tracing the intruder. This paper presents an active intrusion-confronting system using a fake session and a honeypot. Through the fake session, the attacks like Dos(Denial of Service) and port scan can be intercepted. By monitoring honeypot system, in which the intruders are migrated from the protected system and an intrusion rule manager is being activated, new intrusion rules are created and activated for confronting the next intrusions.