Building a cognizant honeypot for detecting active fingerprinting attacks using dynamic fuzzy rule interpolation.pdf (836.19 kB)
Download file

Building a cognizant honeypot for detecting active fingerprinting attacks using dynamic fuzzy rule interpolation

Download (836.19 kB)
journal contribution
posted on 25.02.2022, 10:43 authored by Nitin Naik, Changjing Shang, Paul JenkinsPaul Jenkins, Qiang Shen
Dynamic fuzzy rule interpolation (D‐FRI) technique delivers a dynamic rule base through the utilisation of fuzzy rule interpolation to infer more accurate results for a given application problem. D‐FRI offered dynamic rule base is very useful in security areas where network conditions are always volatile and require the most updated rule base. A honeypot is a vital part of any security infrastructure for directly investigating attacks and attackers in real‐time to strengthen the overall security of the network. However, a honeypot as a concealed system can only function successfully while its identity is not revealed to any attackers. Attackers always attempt to uncover such honeypots for avoiding any trap and strengthening their attacks. Active fingerprinting attack is used to detect these honeypots by injecting purposefully designed traffic to a network. Such an attack can be prevented by controlling the traffic but this will make honeypot unusable system if its interaction with the outside world is limited. Alternatively, it is practically more useful if this fingerprinting attack is detected in real‐time to manage its immediate consequences and preventing the honeypot. This article offers an approach to building a cognizant honeypot for detecting active fingerprinting attacks through the utilisation of the established D‐FRI technique. It is based on the use of just a sparse rule base while remaining capable of detecting active fingerprinting attacks when the system does not find any matching rules. Also, it learns from current network conditions and offers a dynamic rule base to facilitate more accurate and efficient detection.

Funding

Portsmouth University

History

Published in

Expert Systems

Publisher

Wiley

Version

AM (Accepted Manuscript)

Citation

Naik, N., Shang, C., Jenkins, P. and Shen, Q. (2020) 'Building a cognizant honeypot for detecting active fingerprinting attacks using dynamic fuzzy rule interpolation', Expert Systems, p.e12557. https://doi.org/10.1111/exsy.12557

Print ISSN

0266-4720

Electronic ISSN

1468-0394

Cardiff Met Affiliation

  • Cardiff School of Technologies

Cardiff Met Authors

Paul Jenkins

Copyright Holder

© The Publisher

Language

en