Accession Number:

ADA456422

Title:

Early Warning and Prediction of Interest Attacks and Exploits

Descriptive Note:

Master's thesis

Corporate Author:

AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH SCHOOL OF ENGINEERING

Personal Author(s):

Report Date:

2005-09-01

Pagination or Media Count:

82.0

Abstract:

A safe, secure and functional information network is vital in todays Air Force net centric environment. Information is more critical today than it has ever been. As more operational functions are placed in cyber space and greater computing power becomes available to everyone, keeping these networks safe and secure is an almost unattainable task. Network security entails Intrusion Detection Security, but another form of security or insecurity is quickly gaining attention. Honeypots allow the black hat community to attack and penetrate non-production systems. By monitoring and studying these attacks, network defenders can develop better Information Assurance tactics and procedures to defend their networks. The ability to quickly analyze only those data packets predicted to be an exploit and disregard the remaining packets is crucial in todays overworked environment. Using an accredited Honeypot, an Exploit Prediction System EPS is developed using a decision-tree matrix. The EPS provides an excellent tool in choosing only those data packets needing further analysis. The EPS employs as few criterion needed for successful prediction. The log data coming into the honeypot is not filtered and all incoming log data is captured, interpreted and categorized.

Subject Categories:

  • Information Science
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE