ABSTRACT
Unlike the conventional defensive means for attack detection such as Intrusion Detection Systems which are based on knowledge about specific attack patterns and thus are designed to detect known attacks by detecting signatures or anomalies, honeypots technology represents a dierent and complementary approach. Honeypot is a new proactive network security technology based on the inveiglement theory which could attract attacks by real or virtual network and services so as to analyze the blackhat’s activities during honeypots being attacked by hackers, delay and distract attacks in the meantime (Zhuge Jian-Wei & Tang Yong & Han Xin-Hui 2013). The honeypots are valuable for researching and developing new IDS signatures and rules, analyzing new hacker’s attack tools, detecting new methods of stealthy communications and Distributed Denial of Service (DDoS) tools (Mairh Abhishek & Barik Debabrat & Verma Kanchan 2011).
