E-mail a Wiley Online Library Link

Mohammed H. Sqalli, Syed Naeem Firdous, Khaled Salah and Marwan Abu-Amara Classifying malicious activities in Honeynets using entropy and volume-based thresholds Security and Communication Networks 6

Version of Record online: 3 JUL 2012 | DOI: 10.1002/sec.575

Thumbnail image of graphical abstract

The aim of this work is to use an anomaly detection technique to classify different types of malicious activities present in Honeynets with application of entropy-based and traffic volume distributions. The behavior of various anomalies or malicious activities is classified using the selected features and their respective threshold values. Finally, we propose a mapping between the various anomalies and their associated behavior, which can be further used to identify similar anomalies in other Honeynet data sets.

Complete the form below and we will send an e-mail message containing a link to the selected article on your behalf

Required = Required Field