Honeypot

If You Go Down to the Internet Today – Deceptive Honeypots

ABSTRACT

This is preliminary research into the effectiveness of deceptive defensive measures in particular honeypots that use deceit as a primary defensive and offensive mechanism. Initial research has been conducted using the Deception Tool Kit and its ability to fool commonly available network scanning tools such as Nessus and Nmap The preliminary research indicates that these deceptive tools have a place in modern network defense architecture.

Malware Analysis Framework from Static to Dynamic Analysis

ABSTRACT

Today, malicious software on networks is the major threat to internet security. Analysis of the malicious software is a multi-step process that can provide insight into its structure, functionality and behaviour that can be used to create an antidote. This paper focuses on how the analysis of malicious software can be used and how details of events gathered from an infected system can be used to detect a new infection. This strategy makes it possible to detect an infection on a honeypot that has been deployed to detect zero-day attacks. This paper demonstrates the steps taken in the analysis of malicious software from static to dynamic analysis, then the same methodology is used to analyse an infection on the honeypot. The paper concludes with an explanation of the difference between the static and dynamic analysis of malicious code. 

On the Role of Malware Analysis for Technical Intelligence in Active Cyber Defense

ABSTRACT

This paper discusses the critical role collection and analysis of malware must play in active cyber defense. The importance of determining the operational characteristics, strengths, and weaknesses of an adversary’s weapons and equipment has led to the establishment of technical intelligence (TECHINT) as a discipline in military intelligence. Software, particularly malware, fills the role of weapons in cyberspace. Malware analysis offers significant opportunities to understand adversary capabilities and intent, thus facilitating an effective cyberspace defense. This paper provides background, discusses potential TECHINT gains from malware, and considers how this knowledge may enhance an active cyber-defense strategy.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com