« How many ways to 0wn the Internet? Towards Viable Worm Defenses | Main | Wormblog: One year on »
Collapsar: A VM-Based Architecture for Network Attack Detention
This presentation introduces a scalable overlay system much like yesterday's Honeyfarm idea.
Collapsar is different from current approaches. In (an) overlay based approach like NetBait or Domino Overlay, honeypots are deployed in different networks. Log information generated by these honeypots are securely aggregated so that advanced date mining techniques can be applied. However, those attacks still happen within those sites.
Source: Collapsar: A VM-Based Architecture for Network Attack Detention, Xuxian Jiang, Dongyan Xu, presented at USENIX Security 2004.
May 4, 2005 in detection, honeypots, papers | Permalink
Tell others: digg submit
|
del.icio.us this
|
Reddit
Comments
The comments to this entry are closed.
