Browsing by Author "Yagci, Huseyin"

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • Thumbnail Image
    Conference Object
    Clandestine cell based honeypot networks
    (Curran Associates Inc., 2016) Cagatay Yucel; Ahmet Hasan Koltuksuz; Hüseyin Yaǧci; Yucel, Cagatay; Yagci, Huseyin; Koltuksuz, Ahmet; R. Koch , G.D. Rodosek
    A Clandestine Cell is a type of an intelligence organization where a cell only knows the immediate superior and the associated members of itself. This kind of organizational structure is used by intelligence agencies throughout the world to provide security against a breach thus ensuring the safety of the members. This well-known intelligence organization is applied to solve an advanced cyber security issue. A relatively new kind of a cyber threat known as an Advanced Persistent Threat (APTs) has been around for some time now Stuxnet being the very first identified. There are several points to consider when identifying the characteristics of an APT such as the aim its interactions with Internet way of collecting information operations they do disrupt and concealment mechanisms utilized. An important aspect is whether it is statistically analyzable or dynamically identifiable that its communication patterns need to be inspected to identify the characteristics. The traces of an APT might be identified this way. In this research a honeypot network with a communication policy based on a clandestine cell is introduced. Each honeypot only knows a hub. And a hub only knows the main malware analysis server. By utilizing this approach the communications are hidden from possible attackers without compromising the main server. In each honeypot server dead-ends are created and implemented in the honeypot servers. Advantages and ramifications are discussed regarding the types of malware. It is aimed to create yet another taxonomy of malware regarding the network activities as they are being trapped by our introduced honeypot network. A clandestine cell format is one of its kind within organizations. This is the very first time that such kind of format is being applied to honeypot design for APT hunting. This is the paper in which an intelligence organizational structure meets with a network architecture in order to solve a very hard to crack cyber security problem. The idea itself is a new and untried one. © 2023 Elsevier B.V. All rights reserved.