Development of Intelligent Network Defense System to enable detection and analysis of cyber-attacks using an intrusion detection and prevention system based on honeypots
Keywords:
SSH attacks, Medium interaction honeypots, Cowrie honeypots
Abstract
The networks of universities and educational institutes are normally exposed to cyber-attacks, either from inside or from outside the network. Sharing knowledge about the means of protection that are responsible for defending the network will effectively contribute to preventing or mitigating these attacks. We have developed a model for the search, detection and analysis of network breaches and malware using an intrusion prevention and detection system based on honeypots. Machine learning algorithms are implemented for classifying the attacks and discovering new threats. This system is able to capture and analyze cyber-attacks and malware, and to share the results of the analysis with other networks in real time, taking advantage of virtualization and thus saving cost and time, since these systems are open source and free.