A4 Refereed article in a conference publication
An Interface Diversified Honeypot for Malware Analysis
Authors: Samuel Lauren, Sampsa Rauti, Ville Leppänen
Editors: Rami Bahsoon, Rainer Weinreich
Conference name: Workshop on Monitoring and Measurability of Software and Network Security
Publishing place: New York
Publication year: 2016
Book title : ECSAW '16 Proceedings of the 10th European Conference on Software Architecture Workshops
Series title: ICPS: ACM International Conference Proceeding Series
Number in series: 1239
First page : 1
Last page: 6
Number of pages: 6
ISBN: 978-1-4503-4781-5
DOI: https://doi.org/10.1145/2993412.2993417
Web address : http://dl.acm.org/citation.cfm?id=2993417
Defending information systems against advanced attacks is a challenging
task; even if all the systems have been properly updated and all the
known vulnerabilities have been patched, there is still the possibility
of previously unknown zero day attack compromising the system. Honeypots
offer a more proactive tool for detecting possible attacks. What is
more, they can act as a tool for understanding attackers intentions. In
this paper, we propose a design for a diversified honeypot. By
increasing variability present in software, diversification decreases
the number of assumptions an attacker can make about the target system.
