- 著者
-
Yagi Takeshi
Chan Alberto
Tanimoto Naoto
HARIU Takeo
ITOH Mitsutaka
- 出版者
- 一般社団法人電子情報通信学会
- 雑誌
- 電子情報通信学会技術研究報告. IN, 情報ネットワーク (ISSN:09135685)
- 巻号頁・発行日
- vol.110, no.116, pp.37-42, 2010-07-01
In recent years, web-based applications have gained popularity due to the emergence of the trends such as netbooks and cloud computing. This popularity, along with the emphasis on personalization, has lead to the development of many web applications developed by many people. Due to negligence in secure coding, many of these web applications contain vulnerabilities. This has attracted the attention of attackers who want to exploit these security vulnerabilities to hack the web applications. Malicious users who may illicitly use these web applications and the data contained in their databases pose a constant threat. Therefore, it is necessary to protect these web applications as well as the servers on which they run. In order to effectively protect the web applications, a method of monitoring and analyzing attack is necessary in addition to the conventional intrusion detection systems. Honeypots are highly versatile security tools with various applications to internet security. They are computing resources where their value lies in the information they capture while being probed, attacked, or compromised. In this paper, we will discuss the investigation and evaluation of two web honeypots-the High Interaction Honeypot Analysis Tool and the DShield Web Honeypot as well as our proposal for a hybrid honeypot based on the results.