| dc.description.abstract | The technique of Internet attack is always changing, so making the internet security faces an ever harsher challenge. We have to adjust the attitude from passive defense to promoting active and positive defense. By collecting the information of attacks and analyzing the information and methods of the attackers, this will enhance the ability of defenders to effectively discourage and further to counter malicious internet attacks.
Honeypot is a representative of positive information security defense system (mainly for the current common web threats, such as drive-by download, malicious websites, web tampering, and remote attacks), which provides a mechanism to detect and counter attacks. Some foreign security companies are building similar systems, but few domestic security companies have built such systems. In recent years, the largest Internet Service Provider (ISP) in Taiwan – ChungHwa Telecom built a successful Honeypot, thus motivating this study.
This thesis investigates how ChungHwa Telecom has successfully built a Honeypot system. The study applies the case study method and interviews four experts in building this Honeypot in the different groups. In order to investigate the background of problems encountered and solutions implemented, this study analyzes the tangible and intangible benefits of this system. Finally, the study summarizes the critical success factors for building this system. In addition to full support of top management and sufficient budget, an excellent building team, the company’s heavy network traffic, and widely distributed network nodes, coupled with the maturity of virtualization technology and the help of high-performance hardware, all are critical factors for the successful implementation of the Honeypot system,. This study can provide some guidelines for other companies when building a Honeypot system.
| en_US |