Your SlideShare is downloading. ×
Honey pot in cloud computing
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Honey pot in cloud computing

1,089
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,089
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
72
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. HONEY POT IN CLOUD COMPUTING
  • 2. Introduction Cloud Security Honey Pot Implementation Components Types of Honey potsHoney Pots as Service
  • 3. Over Dependency on Cloud Services:Age Old Methods
  • 4. Cloud Security Issues faced by Customers :Low info about productsHost source unknown and Re-access Issues faced by Cloud providers:SegregationFirewalls
  • 5. Honey Pot as a Solution
  • 6. Honey Pot in Cloud
  • 7. Implementation
  • 8. Actual Implementation
  • 9. COMPONENTS Cloud Controller Cluster Controller Honey Controller Filter and Redirection Engine Log Storage System
  • 10. TYPES OF HONEYPOT low-interaction honeypots Honeyd is a low-interaction honeypot. Developed by Niels Provos, Honeyd is OpenSource and designed to run primarily on Unix systems (though it has been ported to Windows). Honeyd works on the concept of monitoring unused IP space. Anytime it sees a connection attempt to an unused IP, it intercepts the connection and then interacts with the attacker, pretending to be the victim. By default, Honeyd detects and logs any connection to any UDP or TCP port. When an attacker connects to the emulated service, not only does the honeypot detect and log the activity, but it captures all of the attackers interaction with the emulated service. In the case of the emulated FTP server, we can potentially capture the attackers login and password, the commands they issue, and perhaps even learn what they are looking for or their identity. It all depends on the level of emulation by the honeypot.
  • 11. TYPES OF HONEYPOT High-interaction honeypots Honeynets are a prime example of high-interaction honeypot. Honeynets are not a product, they are not a software solution that you install on a computer. Honeyents are an architecture, an entire network of computers designed to attacked. The idea is to have an architecture that creates a highly controlled network, one where all activity is controlled and captured. The bad guys find, attack, and break into these systems on their own initiative. When they do, they do not realize they are within a Honeynet. All of their activity, like emails , files uploads, are captured without them knowing it. Honeynet controls the attackers activity. Honeynets do this using a Honeywall gateway. This gateway allows inbound traffic to the victim systems, but controls the outbound traffic using intrusion prevention technologies. This gives the attacker the flexibility to interact with the victim systems, but prevents the attacker from harming other non-Honeynet computers.
  • 12. HONEYPOT AS A SERVICE To make business profit out of it the customer should be provided with an option to buy Honeypot when purchasing the instances as Honeypots are mostly needed for large networks where security and data reliability is of great concern . The customer must be given the logs containing information about the attackers and also the statistics about the attacks. This will help them to safeguard their resources against future attacks. The customer then will take necessary actions against the attackers.
  • 13. CONCLUSION Honeypots can be used for production purposes by preventing, detecting, or responding to attacks. Honeypots can also be used for research, gathering information on threats so we can better understand and defend against them.