
Authors: Sven Schindler 1 ; Oliver Eggert 1 ; Bettina Schnor 1 and Thomas Scheffler 2

Affiliations: 1 University of Potsdam, Germany ; 2 Beuth University of Applied Sciences, Germany

ISBN: 978-989-758-045-1

ISSN: 2184-2825

Keyword(s): Honeypot, IPv6, Shellcode.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Information Assurance ; Network Security ; Risk Assessment ; Software Security ; Wireless Network Security

Abstract: More and more networks and services are reachable via IPv6, and interest in security monitoring of these IPv6 networks is increasing. Honeypots are valuable tools to monitor and analyse network attacks. HoneydV6 is a low-interaction honeypot which is well suited to deal with the large IPv6 address space, since it is capable of simulating a large number of virtual hosts on a single machine. This paper presents an extension for HoneydV6 which allows the detection, extraction and analysis of shellcode contained in IPv6 network attacks. The shellcode detection is based on the open source library libemu and combined with the online malware analysis tool Anubis. We compared the shellcode detection rate of HoneydV6 and Dionaea. While HoneydV6 is able to detect about 25 % of the malicious samples, the Dionaea honeypot detects only about 6 %.

CC BY-NC-ND 4.0


Paper citation in several formats:
Schindler, S.; Eggert, O.; Schnor, B. and Scheffler, T. (2014). Shellcode Detection in IPv6 Networks with HoneydV6. In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, ISSN 2184-2825, pages 198-205. DOI: 10.5220/0005016801980205

@conference{secrypt14,
author={Sven Schindler and Oliver Eggert and Bettina Schnor and Thomas Scheffler},
title={Shellcode Detection in IPv6 Networks with HoneydV6},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={198-205},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005016801980205},
isbn={978-989-758-045-1},
}

TY - CONF

JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Shellcode Detection in IPv6 Networks with HoneydV6
SN - 978-989-758-045-1
AU - Schindler, S.
AU - Eggert, O.
AU - Schnor, B.
AU - Scheffler, T.
PY - 2014
SP - 198
EP - 205
DO - 10.5220/0005016801980205
