
Network forensics of virtual Linux honeynets

Thesis

Author: doc. RNDr. JUDr. Pavol Sokol, PhD.
Supervisor: doc. RNDr. Jozef Jirásek, PhD.

Abstract

Network forensic analysis is one of the basic branches of digital forensic analysis; it deals with monitoring and analysing network traffic in order to identify network intrusions and obtain legal evidence. In this thesis we deal with special frameworks that are adapted to collect forensic data: honeypots and honeynets. The thesis also surveys honeypots, their usage and their classification. We outline the concept of honeynets, their core functions and their generations. In particular, we focus on virtual honeynets and present the concept, advantages and disadvantages of honeynets based on operating system-level virtualization. We also discuss honeynets built on two operating system-level virtualization technologies: OpenVZ and FreeBSD Jail. An important part of this thesis is the design of our own virtual honeynet based on operating system-level virtualization, using OpenVZ as the virtualization technology; the design is not limited to OpenVZ. Within the proposed virtual honeynet we briefly describe the design of its components, especially the network and other sensors.

Objectives

  • Analyse and generalise the known findings in the fields of network forensic analysis, honeypots, honeynets and virtual honeynets
  • Analyse the possibilities of using operating system-level virtualization for the design of virtual honeynets
  • Design a virtual honeynet built on operating system-level virtualization

Literature

  • DAVIDOFF, S., HAM, J. Network Forensics: Tracking Hackers Through Cyberspace. Prentice Hall, 2012.
  • JOSHI, R. C., SARDANA, A. Honeypots: A New Paradigm to Information Security. Science Publishers, 2011.
  • SPITZNER, L. Honeypots: Tracking Hackers. Addison-Wesley Longman Publishing Co., Inc., 2002.
  • PROVOS, N., HOLZ, T. Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Addison-Wesley Professional, 2007.

Progress of the work

Not yet published