Analysis of computer attacks through Honeypots in the District University Francisco José de Caldas

(Eng) This article is the result of the work developed for the design and implementation of Honeypots as a complementary alternative to the existing computer security scheme at Universidad Distrital Francisco José de Caldas as a project that also contributes to the a nalysis and detection of attacks...

Full description

Autores:
Leguizamón - Páez, Miguel A.
Bonilla - Díaz, María A.
León - Cuervo, Camilo A.
Tipo de recurso:
Article of journal
Fecha de publicación:
2020
Institución:
Universidad del Valle
Repositorio:
Repositorio Digital Univalle
Idioma:
eng
OAI Identifier:
oai:bibliotecadigital.univalle.edu.co:10893/17766
Acceso en línea:
https://hdl.handle.net/10893/17766
Palabra clave:
Cyberattack
Cybersecurity
Honeypots
Vulnerabilities
Ataques Informáticos
Honeypots
Seguridad Informática
Vulnerabilidades
Ataques Informáticos
Honeypots
Seguridad Informática
Vulnerabilidades
Rights
closedAccess
License
http://purl.org/coar/access_right/c_14cb
Description
Summary:(Eng) This article is the result of the work developed for the design and implementation of Honeypots as a complementary alternative to the existing computer security scheme at Universidad Distrital Francisco José de Caldas as a project that also contributes to the a nalysis and detection of attacks to the network security and the elements of computer type in the institution. For the development of this article, we worked using the PDCA cycle (Plan - Do - Check - Act). It is a model based on process management and continuous improvement of them, with a simple application and used properly, can help a lot in the realization of activities, both productive and administrative, in a more organized and effective way. Therefore, adopting the PDCA cycle provi des a simple guide for the management of activities and processes, the basic structure of a system and it is applicable to any organization. After the implementation of Cowrie and HoneyPy, it was possible to identify different patterns and ways to attack, guiding the configuration of a script in the IDS (Intrusion Detection System) server, allowing with the stored logs to create rules and implement it over Iptables. This fact allows become the IDS Server a node into a network of sensors feeding the database globally for an investigation of the attacks on all connected and configured computers, obtaining information to make a major analysis for the final user. The design of infrastructure with honeypots, implemented at the District University Francisco José d e Caldas allows finding security failures belonging to university's servers due to computing attacks. A new network distribution was designed for registering information about the different attacks and enabling effective solutions to be apply to the univer sity.

Publicaciones similares