HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Large Scale Activity Monitoring for distributed honeynets

Jerome Francois 1 Radu State 1 Olivier Festor 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : This paper proposes a new distributed monitoring approach based on the notion of centrality of a graph and its evolution in time. We consider an activity profiling method for a distributed monitoring platform and illustrate its usage in two different target deployments. The first one concerns the monitoring of a distributed honeynet, whilst the second deployment target is the monitoring of a large network telecope. The central concept underlying our work are the intersection graphs and a centrality based locality statistics. These graphs have not been used widely in the field of network security. The advantage of this method is that analyzing aggregated activity data is possible by considering the curve of the maximum locality statistics and that important change point moments are well identified.
Document type :
Conference papers
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download

Contributor : Radu State Connect in order to contact the contributor
Submitted on : Thursday, September 13, 2007 - 11:27:58 PM
Last modification on : Wednesday, February 2, 2022 - 3:51:33 PM
Long-term archiving on: : Monday, September 24, 2012 - 12:25:23 PM


Files produced by the author(s)




Jerome Francois, Radu State, Olivier Festor. Large Scale Activity Monitoring for distributed honeynets. The Second International Conference on Internet Monitoring and Protection - ICIMP 2007, 2007, San Jose, United States. ⟨10.1109/ICIMP.2007.24⟩. ⟨inria-00172053⟩



Record views


Files downloads