Abstract

The increase in the automated attacks has motivated security researchers to focus on identifying patterns of attacker to safeguard the system. Humans have some basic behavioral characteristics and limitations, which can be identified and used to distinguish them from automated attackers. The network log data collected from a Honeypot uncovers such traits which are otherwise not noticeable. The paper analyses a SSH-based Honeypot deployed over a period of 423 days to identify human behavior traits which can essentially distinguish an automated attacker and a human attacker.

Original languageEnglish (US)
Title of host publication7th International Symposium on Digital Forensics and Security, ISDFS 2019
EditorsAsaf Varol, Murat Karabatak, Cihan Varol, Sevginur Teke
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728128276
DOIs
StatePublished - Jun 2019
Event7th International Symposium on Digital Forensics and Security, ISDFS 2019 - Barcelos, Portugal
Duration: Jun 10 2019Jun 12 2019

Publication series

Name7th International Symposium on Digital Forensics and Security, ISDFS 2019

Conference

Conference7th International Symposium on Digital Forensics and Security, ISDFS 2019
CountryPortugal
CityBarcelos
Period6/10/196/12/19

Fingerprint

Research Personnel

Keywords

  • Behavioral analysis
  • Bot
  • Brute force attacks
  • Honeypot
  • SSH

ASJC Scopus subject areas

  • Health Informatics
  • Pathology and Forensic Medicine
  • Computer Networks and Communications
  • Computer Science Applications
  • Safety, Risk, Reliability and Quality

Cite this

Udhani, S., Withers, A., & Bashir, M. N. (2019). Human vs bots: Detecting human attacks in a honeypot environment. In A. Varol, M. Karabatak, C. Varol, & S. Teke (Eds.), 7th International Symposium on Digital Forensics and Security, ISDFS 2019 [8757534] (7th International Symposium on Digital Forensics and Security, ISDFS 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISDFS.2019.8757534

Human vs bots : Detecting human attacks in a honeypot environment. / Udhani, Shreya; Withers, Alexander; Bashir, Masooda N.

7th International Symposium on Digital Forensics and Security, ISDFS 2019. ed. / Asaf Varol; Murat Karabatak; Cihan Varol; Sevginur Teke. Institute of Electrical and Electronics Engineers Inc., 2019. 8757534 (7th International Symposium on Digital Forensics and Security, ISDFS 2019).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Udhani, S, Withers, A & Bashir, MN 2019, Human vs bots: Detecting human attacks in a honeypot environment. in A Varol, M Karabatak, C Varol & S Teke (eds), 7th International Symposium on Digital Forensics and Security, ISDFS 2019., 8757534, 7th International Symposium on Digital Forensics and Security, ISDFS 2019, Institute of Electrical and Electronics Engineers Inc., 7th International Symposium on Digital Forensics and Security, ISDFS 2019, Barcelos, Portugal, 6/10/19. https://doi.org/10.1109/ISDFS.2019.8757534
Udhani S, Withers A, Bashir MN. Human vs bots: Detecting human attacks in a honeypot environment. In Varol A, Karabatak M, Varol C, Teke S, editors, 7th International Symposium on Digital Forensics and Security, ISDFS 2019. Institute of Electrical and Electronics Engineers Inc. 2019. 8757534. (7th International Symposium on Digital Forensics and Security, ISDFS 2019). https://doi.org/10.1109/ISDFS.2019.8757534
Udhani, Shreya ; Withers, Alexander ; Bashir, Masooda N. / Human vs bots : Detecting human attacks in a honeypot environment. 7th International Symposium on Digital Forensics and Security, ISDFS 2019. editor / Asaf Varol ; Murat Karabatak ; Cihan Varol ; Sevginur Teke. Institute of Electrical and Electronics Engineers Inc., 2019. (7th International Symposium on Digital Forensics and Security, ISDFS 2019).
@inproceedings{34e01df04f9445c0952f52a74118a761,
title = "Human vs bots: Detecting human attacks in a honeypot environment",
abstract = "The increase in the automated attacks has motivated security researchers to focus on identifying patterns of attacker to safeguard the system. Humans have some basic behavioral characteristics and limitations, which can be identified and used to distinguish them from automated attackers. The network log data collected from a Honeypot uncovers such traits which are otherwise not noticeable. The paper analyses a SSH-based Honeypot deployed over a period of 423 days to identify human behavior traits which can essentially distinguish an automated attacker and a human attacker.",
keywords = "Behavioral analysis, Bot, Brute force attacks, Honeypot, SSH",
author = "Shreya Udhani and Alexander Withers and Bashir, {Masooda N}",
year = "2019",
month = "6",
doi = "10.1109/ISDFS.2019.8757534",
language = "English (US)",
series = "7th International Symposium on Digital Forensics and Security, ISDFS 2019",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
editor = "Asaf Varol and Murat Karabatak and Cihan Varol and Sevginur Teke",
booktitle = "7th International Symposium on Digital Forensics and Security, ISDFS 2019",
address = "United States",

}

TY - GEN

T1 - Human vs bots

T2 - Detecting human attacks in a honeypot environment

AU - Udhani, Shreya

AU - Withers, Alexander

AU - Bashir, Masooda N

PY - 2019/6

Y1 - 2019/6

N2 - The increase in the automated attacks has motivated security researchers to focus on identifying patterns of attacker to safeguard the system. Humans have some basic behavioral characteristics and limitations, which can be identified and used to distinguish them from automated attackers. The network log data collected from a Honeypot uncovers such traits which are otherwise not noticeable. The paper analyses a SSH-based Honeypot deployed over a period of 423 days to identify human behavior traits which can essentially distinguish an automated attacker and a human attacker.

AB - The increase in the automated attacks has motivated security researchers to focus on identifying patterns of attacker to safeguard the system. Humans have some basic behavioral characteristics and limitations, which can be identified and used to distinguish them from automated attackers. The network log data collected from a Honeypot uncovers such traits which are otherwise not noticeable. The paper analyses a SSH-based Honeypot deployed over a period of 423 days to identify human behavior traits which can essentially distinguish an automated attacker and a human attacker.

KW - Behavioral analysis

KW - Bot

KW - Brute force attacks

KW - Honeypot

KW - SSH

UR - http://www.scopus.com/inward/record.url?scp=85070528645&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85070528645&partnerID=8YFLogxK

U2 - 10.1109/ISDFS.2019.8757534

DO - 10.1109/ISDFS.2019.8757534

M3 - Conference contribution

AN - SCOPUS:85070528645

T3 - 7th International Symposium on Digital Forensics and Security, ISDFS 2019

BT - 7th International Symposium on Digital Forensics and Security, ISDFS 2019

A2 - Varol, Asaf

A2 - Karabatak, Murat

A2 - Varol, Cihan

A2 - Teke, Sevginur

PB - Institute of Electrical and Electronics Engineers Inc.

ER -