Hybrid System Between Anomaly Based Detection System and Honeypot to Detect Zero Day Attack

Nisreen Innab; Eman Alomairy; Lamya Alsheddi; IEEE

Back

Conference proceeding

Hybrid System Between Anomaly Based Detection System and Honeypot to Detect Zero Day Attack

Nisreen Innab, Eman Alomairy, Lamya Alsheddi and IEEE

2018 21ST SAUDI COMPUTER SOCIETY NATIONAL COMPUTER CONFERENCE (NCC)

01/01/2018

Abstract

Computer Science

Computer Science, Theory & Methods

Science & Technology

Technology

Honeypots are systems designed to lure the potential attacker to a real system by make him busy with emulated system. Its primary objective is gathering information about the attacker as possible to avoid any future similar attacks. Another method for protecting the systems against attacks is anomaly based detection system, where its main goal is to monitor the traffic to detect any known worm behavior based on the previous knowledge of the environment. In this paper, we will mention some techniques to avoid Zero day attacks. Then we will analyze the strengths and weakness of both approaches that are honeypot and anomaly based detection. As a result, to integrate both approaches in one hybrid model as enhanced solution of detecting the Zero day attack that may occur in the system.

Metrics

1 Record Views

Details

Title: Hybrid System Between Anomaly Based Detection System and Honeypot to Detect Zero Day Attack
Creators - without role: Nisreen Innab - Naif Arab Univ Secur Sci, Dept Informat Secur, Riyadh, Saudi Arabia
Eman Alomairy - Naif Arab Univ Secur Sci, Dept Informat Secur, Riyadh, Saudi Arabia
Lamya Alsheddi - Naif Arab Univ Secur Sci, Dept Informat Secur, Riyadh, Saudi Arabia
IEEE
Publication Details: 2018 21ST SAUDI COMPUTER SOCIETY NATIONAL COMPUTER CONFERENCE (NCC)
Publisher: IEEE
Number of pages: 5
Identifiers: 9913963108331
Academic Unit: Almaarefa University; Naif Arab University for Security Sciences
Language: English
Resource Type: Conference proceeding