Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
En jämförelsestudie av antal attacker mot olika internetleverantörers nät med hjälp av Honeypots
University West, Department of Engineering Science, Division of Computer, Electrical and Surveying Engineering.
University West, Department of Engineering Science, Division of Computer, Electrical and Surveying Engineering.
2017 (Swedish)Independent thesis Basic level (university diploma), 5 credits / 7,5 HE creditsStudent thesisAlternative title
A comparative study of number of attacks between different ISPs with the help of Honeypots (English)
Abstract [sv]

Det här examensarbetet handlar om att sätta upp, konfigurera och jämföra honeypots i olika internetleverantörers nätverk. Internetleverantörerna som använts är Telia, Bredbandsbolaget samt Sunet där en enhet har satts upp i varje nätverk. För att få ut resultat att jämföra attackerna mot enheterna har alla mätningar utförts under perioden 2017-02-22 till 2017-03-08 med hjälp av sensorerna p0f, Kippo, Snort och Dionaea. För att installera och samla in data från dessa sensorer användes mjukvarorna Modern Honey Network och Splunk. Resultaten visar på att antalet attacker mot enheterna hos Telia och Bredbandsbolaget inte hade någon betydlig skillnad men att enheten i Sunets nät fick fler attacker riktade mot sig. Detta trots att enheterna i näten från Telia och Bredbandsbolaget hade fler unika attacker, det vill säga attacker från unika ip-adresser. Utöver antalet attacker visar resultatet även vilka portar som attackerats mest, vilka operativsystem som använts i attackerna, de användarnamn, lösenord och kommandon som använts vid anslutningar via SSH, signaturer som genererat Snort-alerts samt var attackerna härstammat från geografiskt.

Abstract [en]

This thesis is about installing, configuring and comparing honeypots in different Internet Service Providers (ISP) networks. The ISPs that was used in this study was Telia, Bredbandsbolaget and Sunet. Each of the networks had a honeypot installed in it. The number of attacks against the honeypots was collected under the period 22-02-2017 - 08-03-2017, with the help of the sensors p0f, Kippo, Snort and Dionaea. The software “Modern Honey Network” and “Splunk” was used for the collection of data from these sensors. Data showed that the different amount of attacks against the honeypots between Telia and Bredbandsbolaget wasn’t significant, but it did show that the honeypot on Sunet had more attacks aimed towards it. This is interesting because the honeypots on Telia and Bredbandsbolaget had more unique attacks (attacks from unique IP-addresses). Apart from the number of attacks, the result also shows what ports have been targeted the most, what operating systems that had been used in the attacks, the usernames, passwords and commands that had been used in SSH connections, signatures that had generated Snort-alerts and from where the attacks originated geographically. Date

Place, publisher, year, edition, pages
2017. , 13 p.
Keyword [sv]
Honeypot, Jämförelse, Attacker, SSH, Dionaea
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:hv:diva-11060OAI: oai:DiVA.org:hv-11060DiVA: diva2:1117089
Subject / course
Computer enigeering
Educational program
Nätverksteknik med IT-säkerhet
Supervisors
Examiners
Available from: 2017-06-29 Created: 2017-06-28 Last updated: 2017-06-29Bibliographically approved

Open Access in DiVA

No full text

By organisation
Division of Computer, Electrical and Surveying Engineering
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

Total: 1 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf