Cybersecurity and Network Forensics: Analysis of Malicious Traffic towards a Honeynet with Deep Packet Inspection

Rodrigues, Gabriel Arquelau Pimenta; Albuquerque, Robson de Oliveira; Deus, Flávio Elias Gomes de; Sousa, Rafael T. de; Júnior, Gildásio Antonio de Oliveira; Villalba, Luis Javier García; Kim, Tai-hoon

doi:10.3390/app7101082

Cited by 34 publications

(20 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Pimenta Rodrigues et al [38] applied Deep Packet Inspection (DPI) techniques to detect anomalies and evaluate different attacks on network traffic destined for a High Interactivity Honeynet. Based on the collected data and through the ELK Stack, it was possible to generate statistics of users, services, passwords used, and IP address distribution.…”

Section: Visualization Reviewmentioning

confidence: 99%

“…As for the visualization aspect, this work has functions similar to the works of Sijtsma et al [36], Oliveira Júnior et al [37], and Pimenta Rodrigues et al [38] for the set of viewing options. For example, Section 6.9 presents a quick and practical method using visualization tools for identifying social bots by analyzing outliers.…”

Section: Main Contribution Of This Workmentioning

confidence: 99%

“…To ensure anonymity, the collection layer authenticates to a contracted VPN server during the research of this project. All tweets collected by the search engine are sent to the distributed storage, which uses Elasticsearch to support and index large volumes of data, as the works [37,38,40]. Data presentation with metrics, statistics, and graphs, indicating different relationships, is done through Kibana [37,38,40,41].…”

Section: Proposed Environment Architecturementioning

confidence: 99%

“…This process is done by a separate guest on the internal network through the Elasticsearch tool. At this stage, Elasticsearch stores the full structure of tweets' real-time monitoring data with distributed storage, which helps to understand and interpret behaviors collected from Twitter [37,38,40].…”

Section: Phase 4: Distributed Storage Layermentioning

confidence: 99%

See 3 more Smart Citations

Anonymous Real-Time Analytics Monitoring Solution for Decision Making Supported by Sentiment Analysis

Júnior

Albuquerque

Andrade

et al. 2020

Sensors

Self Cite

View full text Add to dashboard Cite

Currently, social networks present information of great relevance to various government agencies and different types of companies, which need knowledge insights for their business strategies. From this point of view, an important technique for data analysis is to create and maintain an environment for collecting data and transforming them into intelligence information to enable analysts to observe the evolution of a given topic, elaborate the analysis hypothesis, identify botnets, and generate data to aid in the decision-making process. Focusing on collecting, analyzing, and supporting decision-making, this paper proposes an architecture designed to monitor and perform anonymous real-time searches in tweets to generate information allowing sentiment analysis on a given subject. Therefore, a technological structure and its implementation are defined, followed by processes for data collection and analysis. The results obtained indicate that the proposed solution provides a high capacity to collect, process, search, analyze, and view a large number of tweets in several languages, in real-time, with sentiment analysis capabilities, at a low cost of implementation and operation.

show abstract

Section: Visualization Reviewmentioning

confidence: 99%

Section: Main Contribution Of This Workmentioning

confidence: 99%

Section: Proposed Environment Architecturementioning

confidence: 99%

Section: Phase 4: Distributed Storage Layermentioning

confidence: 99%

See 2 more Smart Citations

Anonymous Real-Time Analytics Monitoring Solution for Decision Making Supported by Sentiment Analysis

Júnior

Albuquerque

Andrade

et al. 2020

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…The possibility of tracing back [ 21 ] the source network addresses of an attacker is an important tool that not only supports anti-DoS measures but can also take a role in network authentication [ 22 ]. Packet inspection is a required basic technique to support and complement learning, filtering, classification and calculations used in the other techniques [ 23 ].…”

Section: The Problem and Related Workmentioning

confidence: 99%

New DoS Defense Method Based on Strong Designated Verifier Signatures

Almeida

Júnior

Villalba

et al. 2018

Sensors

Self Cite

View full text Add to dashboard Cite

We present a novel technique for source authentication of a packet stream in a network, which intends to give guarantees that a specific network flow really comes from a claimed origin. This mechanism, named packet level authentication (PLA), can be an essential tool for addressing Denial of Service (DoS) attacks. Based on designated verifier signature schemes, our proposal is an appropriate and unprecedented solution applying digital signatures for DoS prevention. Our scheme does not rely on an expensive public-key infrastructure and makes use of light cryptography machinery that is suitable in the context of the Internet of Things (IoT). We analyze our proposed scheme as a defense measure considering known DoS attacks and present a formal proof of its resilience face to eventual adversaries. Furthermore, we compare our solution to already existent strategies, highlighting its advantages and drawbacks.

show abstract

Network Traffic Analysis

2024

Open‐Source Security Operations Center (SOC)

View full text Add to dashboard Cite

Cybersecurity and Network Forensics: Analysis of Malicious Traffic towards a Honeynet with Deep Packet Inspection

Cited by 34 publications

References 44 publications

Anonymous Real-Time Analytics Monitoring Solution for Decision Making Supported by Sentiment Analysis

Anonymous Real-Time Analytics Monitoring Solution for Decision Making Supported by Sentiment Analysis

New DoS Defense Method Based on Strong Designated Verifier Signatures

Network Traffic Analysis

Contact Info

Product

Resources

About