Conventional network security tools such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), anti-virus, anti-spyware and anti-malware integrated with firewalls generate many false positives, which makes computer network system administration cumbersome. This paper proposes a novel mechanism comprising TaintCheck for dynamic analysis of buffer overflow attacks using a synthetic exploit, and a hybrid honeypot for scanning, detecting and identifying attackers, and for signature generation. In this framework, Noah's attack detection is used as a template. Upon testing, the proposed framework was found to be more effective in practice than conventional network security tools, as it effectively and comprehensively mitigated threats and reported zero-day attacks with fewer false positives.