Patterns and patter - An investigation into SSH activity using Kippo Honeypots
Document Type
Conference Proceeding
Publisher
Security Research Institute
Faculty
Faculty of Health, Engineering and Science
School
ECU Security Research Institute / Electron Science Research Institute
RAS ID
16136
Abstract
This is an investigation of the activity detected on three honeypots that utilise the Kippo SSH honeypot system on VPS servers all on the same C class address. The systems ran on identical software bases and hardware configurations. The results are over the period 21st March 2013 until Tuesday 04 June 2013. The initial analysis covered in this paper examines behaviours and patterns detected of the attacking entities. The attack patterns were not consistent and there was large disparity in numbers and magnitude of attacks on all hosts. Some of these issues are explored in the paper.
DOI
10.4225/75/57b3dbc8fb877
Access Rights
free_to_read
Comments
Valli, C. , Rabadia, P. N., & Woodward, A. J. (2013). Patterns and patter - An investigation Into SSH activity using Kippo Honeypots. In Proceedings of the 11th Australian Digital Forensics Conference (pp. 141-149). Perth, Australia: Security Research Institute. Available here