Applying Data-Mining Techniques in Honeypot Analysis
Very little is known about the exact actions executed by a hacker entering a system. Much insight can be gained from following and understanding a hacker's behaviour. It is believed that the more interesting the target the faster the attack will occur. Honeypots are a means of creating an inviting target to lure attackers with the purpose of studying the attackers and their attack patterns. Understanding these attack strategies, patterns and trends can be helpful in determining the vulnerabilities of a system. This requires the system to capture and log large amounts of data which are very difficult to process manually. This process can be time consuming and usually the results are mainly statistical in nature.