Continent-based Comparative Study of Internet Attacks
Springer, Berlin, Heidelberg
We have deployed a honeypot sensor node in Uganda that is connected to a distributed honeypot system managed by Leurrecom.org Honeypot project, which constitutes of a large number of different honeypot sensors distributed across different continents. Once joined the project, the system allows access to the whole dataset collected by all sensors in the distributed system. We use the data collected by the honeypot sensors for a period of six months to compare the attacks that have been detected by honeypot sensors in Africa to the attacks detected by sensors in other continents. Our findings reveal that sensor nodes in Africa experience a significant number of attacks. In some cases, the number of attacks for African sensor nodes is significantly higher than many sensors in developed countries. This shows that network attacks are independent of location and Internet popularity in a country. That is, low Internet penetration level in African countries does not mean that networks in Africa are safe from external attacks. In fact, the results further indicate that some attacks are highly likely guided against specific networks.
This book chapter was published in: Popescu-Zeletin R., Rai I.A., Jonas K., Villafiorita A. (eds) E-Infrastuctures and E-Services for Developing Countries. AFRICOMM 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Vol 64. Springer, Berlin, Heidelberg
Internet attacks, Internet threats, Honeypot sensor, Distributed honeypot systems, SGNET
Rai, I. A., & Perez, M. (2011). Continent-Based Comparative Study of Internet Attacks. In R. Popescu-Zeletin, I. A. Rai, K. Jonas, & A. Villafiorita (Eds.), E-Infrastuctures and E-Services for Developing Countries (pp. 31–40). inproceedings, Berlin, Heidelberg: Springer Berlin Heidelberg.