抄録
Data capture tool is one of the core components of a honeypot system. The most vital requirement of this component is: it must function as stealthily as possible, so the intruder is not aware of its presence. Currently Sebek is the most sophisticated tool for this purpose. Unfortunately Sebek is rather easy to detect, even with unprivileged right access. This paper presents a novel approach to improve Sebek on this aspect. We proposes a design and implementation of a tool named Xebek, which is based on Xen technology, to fix the most outstanding problems of Sebek. Our experimental results prove that Xebek is much more covert, while the reliability and efficient are improved significantly.
| 本文言語 | English |
|---|---|
| ページ(範囲) | 209-215 |
| ページ数 | 7 |
| ジャーナル | WSEAS Transactions on Computers |
| 巻 | 5 |
| 号 | 1 |
| 出版ステータス | Published - 2006 1月 |
ASJC Scopus subject areas
- コンピュータ サイエンス(全般)