A novel honeypot based security approach for real-time intrusion detection and prevention systems
In the digitalized modern world in parallel to the new technological developments, information security has become the highest priority in the individual and institutional sense. In order to ensure the security of information systems, various systems are used techniques and technologies, including encryption, authorization, firewall, honeypot based systems. In this study, a honeypot based approach for intrusion detection/prevention systems (ID/PS) is proposed. The developed honeypot server application is combined with IDSs to analyze data in real-time and to operate effectively. Moreover, by associating the advantages of low and high-interaction honeypots, a superior hybrid honeypot system is performed. Therefore, in order to reduce the cost of configuration, maintenance, and management, after viewing the usage of honeypots on corporate networks, virtualization technologies are used. The developed system is a honeypot based intrusion detection and prevention system (IDPS) type and it is able to show the network traffic on servers visually in real-time animation. Thereby, it provides system information easily. Finally, the developed system can detect zero-day attack due to the configuration of intrusion detection, which makes it superior in performance compared to other IDSs. This system also helps in reducing the false positive level in IDSs.
- Intrusion detection and prevention systems (IDS/IPS);
- Network security;
- System security;
- Network traffic visualization