طراحی یک سامانه فریب همکارانه و مستقل در سامانه دفاع فعال سایبری

[1] S. Brandes, “The Newest Warfighting Domain: Cyberspace,” Synesis: A J.  Sci. , Technol. , Ethics, Policy, vol 4, bll G90-95, 2013.

[2] M. Fossi., [M1] “Symantec Internet Security Threat Report Trends for 2010,”,[M2]  Volume XVI, 2011.

[3] G. J. Rattray, “An Environmental Approach to Understanding Cyberpower,” Cyberpower and National Security, vol 10, National Defense University Press Washington, DC, bll 253–274, 2009.

[4] M. Bailey, E. Cooke, D. Watson, F. Jahanian, and N. Provos, “A Hybrid Honeypot Architecture for Scalable Network Monitoring,” Univ. Michigan, Ann Arbor, MI, USA, Tech. Rep. CSE-TR-499-04, 2004.

 [5] H. Artail, H. Safa, M. Sraj, I. Kuwatly, and Z. Al-Masri, “A Hybrid Honeypot Framework for Improving Intrusion Detection Systems in Protecting Organizational Networks,” Computers & Security, vol. 25, no. 4, pp. 274–288, 2006.

[6] M. Nawrocki, M. Wählisch, T. C. Schmidt, C. Keil, and J. Schönfelder, “A Survey on Honeypot Software and Data Analysis,” arXiv preprint arXiv:1608. 06249, 2016.

[7]  T. K. Lengyel, J. Neumann, S. Maresca, B. D. Payne, and A. Kiayias, “Virtual Machine Introspection in a Hybrid Honeypot Architecture,” In CSET, 2012. 

[8] L. Spitzner, “The Honeynet Project: Trapping the Hackers,” IEEE Security & Privacy, vol. 1, no. 2, pp. 15–23, 2003.

 [9] L. Spitzner, “Honeypots: Catching the Insider Ihreat,” In 19th Annual Computer Security Applications Conference, Proceedings, 2003, pp. 170–179.

[10] B. Cheswick, “An Evening with Berferd in which a Cracker is Lured, Endured, and Studied,” In Proc. Winter USENIX Conference, San Francisco, 1992, pp. 20–24.

 [11]   C. Stoll, The cuckoo’s egg: tracking a spy through the maze of computer espionage. Simon and Schuster, 2005. 

[12] G. Portokalidis, A. Slowinska, and H. Bos, “Argos: An Emulator for Fingerprinting Zero-day Attacks for Advertised Honeypots with Automatic Signature Generation,” ACM SIGOPS Operating Systems Review, vol. 40, no. 4, pp. 15–27, 2006.

[13] R. Rajabioun, “Cuckoo Optimization Algorithm,” Applied Soft Computing, vol. 11, no. 8, pp. 5508–5518, 2011. 

[14] D. Moore, C. Shannon, G. Voelker, and S. Savage, “Network Telescopes: Technical Report,” Cooperative Association for Internet Data Analysis (CAIDA), 2004. 

[15] A. Kirkby, “Honeynet Phase Two: Knowing Your Enemy More”, Computer Fraud & Security, vol. 2001, no. 12, pp. 8–9, 2001.

[16] D. Song, “A snapshot of global Internet worm activity,” The 14th Annual FIRST Conference on Computer Security Incident Handling and Response, [M3] 2002. 

[17] V. Yegneswaran, P. Barford, and D. Plonka, “On the Design and Use of Internet Sinks for Network Abuse Monitoring,” In International Workshop on Recent Advances in Intrusion Detection, 2004, pp. 146–165.

[18] K. M. Aghaei, S. Farshchi, and H. Shirazi, “A New Architecture for Impact Projection of Cyber-attacks Based on High Level Information Fusion in Cyber Command and Control,” Volume 9, No. 36, pp. 125-140,  [M4] 2015.

[19] M. Bailey, E. Cooke, F. Jahanian, J. Nazario, D. Watson, and Others,[M5]  “The Internet MotionS-a Distributed Blackhole Monitoring System,” In NDSS, 2005.

 [20] N. Provos and Others,[M6]  “A Virtual Honeypot Framework,” In USENIX Security Symposium, vol. 173, pp. 1–14, 2004. 

[21] B. Mphago, O. Bagwasi, B. Phofuetsile, and H. Hlomani, “Deception in Dynamic Web Application Honeypots: Case of Glastopf,” In Proceedings of the International Conference on Security and Management (SAM), p. 104, 2015. 

[22] W. Schulze, E. D. Schulze, I. Schulze, and R. Oren, “Quantification of Insect Nitrogen Utilization by the Venus Fly Trap Dionaea Muscipula Catching Prey with Highly Variable Isotope Signatures,” Journal of experimental botany, vol. 52, no. 358, pp. 1041–1049, 2001. 

[23] L. Spitzner, “Specter: A Commercial Honeypot Solution for Windows,” Acesso em, vol. 26, no. 08, 2003.

 [24] S. Poeplau and J. Gassen, “A Honeypot for Arbitrary Malware on USB Storage Devices,” 7th International Conference on Risks and Security of Internet and Systems (CRiSIS), pp. 1–8, 2012. 

[25] N. Provos and T. Holz, Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Pearson Education, 2007. 

 [26] L. K. Yan, “Virtual Honeynets Revisited,” In Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, pp. 232–239, 2005.

[27] A. Capalik, “Next-generation Honeynet Technology with Real-time Forensics for US Defense,” In MILCOM 2007-IEEE Military Communications Conference, pp. 1–7, 2007.

[28] N. Memari, S. J. B. Hashim, and K. B. Samsudin, “Towards Virtual Honeynet Based on LXC Virtualization,” IEEE Region 10 Symposium, pp. 496–501, 2014.[M7] 

 [29] D. Sever and T. Kišasondi, “Efficiency and Security of Docker Based Honeypot Systems,” 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1167–1173, 2018.

[30] F. Galán and D. Fernández, “Use of VNUML in Virtual Honeynets Deployment,” IX Reunión Española sobre Criptología y Seguridad de la Información (RECSI), Barcelona, Spain, 2006.

[31] F. Stumpf, A. Görlach, F. Homann, and L. Brückner, “NoSE-building Virtual Honeynets Made Easy,” In Proceedings of the 12th International Linux System Technology Conference, Hamburg, Germany, 2005. 

[32]   D. Fernández , [M8] “Distributed Virtual Scenarios Over Multi-host Linux Environments,” 5th International DMTF Academic Alliance Workshop on Systems and Virtualization Management: Standards and the Cloud (SVM), pp. 1–8, 2011.

[33] W. Fan, D. Fernández, and Z. Du, “Versatile Virtual Honeynet Management Framework,” IET Information Security, vol. 11, no. 1, pp. 38–45, 2017. 

[34] W. Y. Chin, E. P. Markatos, S. Antonatos, and S. Ioannidis, “HoneyLab: Large-scale Honeypot Deployment and Resource Sharing,” Third International Conference on Network and System Security, pp. 381–388, 2009.

[35] B. Sobesto, M. Cukier, M. A. Hiltunen, D. Kormann, G. Vesonder, and R. Berthier, “DarkNOC: Dashboard for Honeypot Management,” In LISA, 2011.

[36] W. Han, Z. Zhao, A. Doupé, and G. J. Ahn, “Honeymix: Toward SDN-based Intelligent Honeynet,” In Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, pp. 1–6, 2016. 

[37]  M. Egele, T. Scholte, E. Kirda, and C. Kruegel, “A Survey on Automated Dynamic Malware-analysis Techniques and Tools,” ACM computing surveys (CSUR), vol. 44, no. 2, pp. 1–42, 2008. 

[38] L. Spitzner, “Know Your Enemy: Genii Honeynets,” The Honeynet Alliance, 2005. 

[39] W. Fan, Z. Du, D. Fernández, and V. A. Villagrá, “Enabling an Anatomic View to Investigate Honeypot Systems: A Survey,” IEEE Systems Journal, vol. 12, no. 4, pp. 3906–3919, 2017. 

[40]  K. G. Anagnostakis, S. Sidiroglou, P. Akritidis, K. Xinidis, E. Markatos, and A. D. Keromytis, “Detecting Targeted Attacks Using Shadow Honeypots,” 14th USENIX Security Symposium, [M9]  2005.

[41] S. Schindler, B. Schnor, and T. Scheffler, “Hyhoneydv6: A Hybrid Honeypot Architecture for IPV6 Networks,” International Journal of Intelligent Computing Research, vol. 6, No. 2, pp. 562-570, [M10] 2015. 

[42]   Y. M. P. Pa, S. Suzuki, K. Yoshioka, T. Matsumoto, T. Kasama, and C. Rossow, “IoTPOT: Analysing the Rise of IoT Compromises,” In 9th ${USENIX} Workshop on Offensive Technologies ({WOOT}$ 15), 2015.

[43]   A. Pashaei, M. E. Akbari, M. Z. Lighvan, and H. A. Teymorzade, “Improving the IDS Performance through Early Detection Approach in Local Area Networks Using Industrial Control Systems of Honeypot,” In 2020 IEEE International Conference on Environment and Electrical Engineering and 2020 IEEE Industrial and Commercial Power Systems Europe (EEEIC/I&CPS Europe), pp. 1–5, 2020. 

[44] A. Podhradsky, C. Casey, and P. Ceretti, “The Bluetooth Honeypot Project: Measuring and Managing Bluetooth Risks in the Workplace,” International Journal of Interdisciplinary Telecommunications and Networking (IJITN), vol. 4, no. 3, pp. 1–22, 2012. 

[45] R. Do Carmo, M. Nassar, and O. Festor, “Artemisa: An Open-source Honeypot Back-end to Support Security in VoIP Domains,” In 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, pp. 361–368, 2011.

 [46] L. Spitzner, “Know Your Enemy: Sebek2 A Kernel Based Data Capture Tool,” Recuperado a partir de http://www. honeynet. org, 2003. 

[47] C. Song, B. Hay, and J. Zhuge, “Know Your Tools: Qebek--Conceal the Monitoring,” The Honeynet Project (www. honeynet. org/sites/default/files/files/KYT-Qebek-final_v1. pdf), 2010. 

[48] C. Willems, T. Holz, and F. Freiling, “Toward Automated Dynamic Malware Analysis Using Cwsandbox,” IEEE Security & Privacy, vol. 5, no. 2, pp. 32–39, 2007. 

[49] X. Jiang and X. Wang, “‘Out-of-the-box’ Monitoring of VM-based High-Interaction Honeypots,” In International Workshop on Recent Advances in Intrusion Detection, pp. 198–218, 2007.

 [50] J. Newsome and D. X. Song, “Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software,” In NDSS, vol. 5, pp. 3–4, 2005.

[51] C. Kreibich and J. Crowcroft, “Honeycomb: Creating Intrusion Detection Signatures Using Honeypots,” ACM SIGCOMM Computer Communication Review, vol. 34, no. 1, pp. 51–56, 2004. 

[52] A. Javaid, Q. Niyaz, W. Sun, and M. Alam, “A Deep Learning Approach for Network Intrusion Detection System,” Eai Endorsed Transactions on Security and Safety, vol. 3, no. 9, p. e2, 2016.

[53] R. Sekar, A.Gupta and S.Zhou. ,  “Specification-based Anomaly Detection: A New Approach for Detecting Network Intrusions”, In Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 265–274, 2002. 

[54]  E. Kohler, R. Morris, B. Chen, J. Jannotti, and M. F. Kaashoek, “The Click Modular Router,” ACM Transactions on Computer Systems (TOCS), vol. 18, no. 3, pp. 263–297, 2000. 

[55] C. Yoon, T. Park, S. Lee, H. Kang, S. Shin, and Z. Zhang, “Enabling Security Functions with SDN: A Feasibility Study,” Computer Networks, vol. 85, pp. 19–35, 2015.

[56] R. Berthier and M. Cukier, “Honeybrid: A Hybrid Honeypot Architecture,” In USENIX Security Symposium, vol. 2008, 2008. 

[57] R. Kundel P. Stiegele, D. Tran, J. Zobel, O.Abboud, R. Hark and R.Steinmetz, “User Space Packet Schedulers: Towards Rapid Prototyping of Queue-Management Algorithms,” Electronic Communications of the EASST, vol. 80, 2021. 

[58] Y.-D. Lin, T.-B. Shih, Y.-S. Wu, and Y.-C. Lai, “Secure and Transparent Network Traffic Replay, Redirect, and Relay in a Dynamic Malware Analysis Environment,” Security and Communication Networks, vol. 7, no. 3, pp. 626–640, 2014.