Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Finding Honeypot Data Clusters Using DBSCAN: Part 2, (Fri, Sep 13th)

published on 2024-09-13 13:39:02 UTC by
Content:
In an earlier diary [1], I reviewed how using tools like DBSCAN [2] can be useful to group similar data. I used DBSCAN to try and group similar commands submitted to Cowrie [3] and URL paths submitted to the DShield web honeypot [4]. DBSCAN was very helpful to group similar commands, but it was also very useful when trying to determine whether commands from one honeypot were seen in another. How much overlap in attack data is there between honeypots? Is there any targeting based on the hosting location of the honeypot?
Article: Finding Honeypot Data Clusters Using DBSCAN: Part 2, (Fri, Sep 13th) - published 2 months ago.

https://isc.sans.edu/diary/rss/31194   
Published: 2024 09 13 13:39:02
Received: 2024 09 13 14:52:52
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 0

Custom HTML Block

Click to Open Code Editor