Skip to main content
SpringerLink
Log in

Symantec Deception Server Experience with a Commercial Deception System

  • Conference paper
Recent Advances in Intrusion Detection (RAID 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3224))

Included in the following conference series:

Abstract

This paper provides an examination of an emerging class of security mechanisms often referred to as deception technologies or honeypots. It is based on our experience over the last four years designing and building a high, end commercial deception system called ManTrap. The paper will provide an overview of the various technologies and techniques and will examine the strengths and weaknesses of each approach. It will discuss deployment criteria and strategies and will provide a summary of our experiences designing and constructing these systems. It also presents the results of work demonstrating the feasibility and utility of a deep deception honeypot.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Symantec Enterprise Solutions. Symantec Corporation (Retrieved March 2004), http://enterprisesecurity.symantec.com/products

  2. Honeyd – Network Rhapsody for You. Center for Information Technology Integration (Retrieved March 2004), http://www.citi.umich.edu/u/provos/honeyd/index.html

  3. The Honeynet Project (Retrieved March 2004), http://project.honeynet.org/misc/project.html

  4. Talisker Host Intrusion Detection System. Security Wizardry (Retrieved February 2004), http://www.networkintrusion.co.uk/HIDS.htm

  5. Vmware (Retrieved March 2004), http://www.vmware.com

  6. Solaris Zones. Sun Microsystems - BigAdmin (Retrieved March 2004), http://www.sun.com/bigadmin/content/zones/index.html

  7. iButton Products: iButton Overview (Retrieved March 2004), http://www.ibutton.com/ibuttons/index.html

  8. Stoll, C.: Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage. Pocket Books (2000)

    Google Scholar 

  9. SecurityFocus HOME Products: Cybercopy Sting (Retrieved June 2004), http://www.securityfocus.com/products/515

  10. Cheswick, B.: An Evening with Berferd In Which a Cracker is Lured, Endured and Studied. In: Proc. Winter USENIX Conference (1992)

    Google Scholar 

  11. Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: The Spread of the Sapphire/Slammer Worm (2003), http://www.caida.org/outreach/papers/2003/sapphire/sapphire.html

  12. Spitzner, L.: Honeypots Definitions and Value of Honeypots (Retreived June 2004), http://www.tracking-hackers.com/papers/honeypots.html

Download references

Author information

Authors and Affiliations

  1. Symantec Corporation, Redwood City, CA

    Brian Hernacki, Jeremy Bennett & Thomas Lofgren

Authors
  1. Brian Hernacki
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jeremy Bennett
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thomas Lofgren
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Chalmers University of Technology, SE-412 96, Göteborg, Sweden

    Erland Jonsson  & Magnus Almgren  & 

  2. SRI International, 333 Ravenswood Ave., CA 94025, Menlo Park, USA

    Alfonso Valdes

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hernacki, B., Bennett, J., Lofgren, T. (2004). Symantec Deception Server Experience with a Commercial Deception System. In: Jonsson, E., Valdes, A., Almgren, M. (eds) Recent Advances in Intrusion Detection. RAID 2004. Lecture Notes in Computer Science, vol 3224. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30143-1_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30143-1_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23123-3

  • Online ISBN: 978-3-540-30143-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation