| Honeypots are security resources present in the network with the goal of attracting attackers and with the intention of capturing maximum information about these attacks. The information captured by the honeypots are used to study, analyze and prevent these attacks. In this thesis we have developed and implemented a honeypot as a web application with the goal to capture the attacks targeted at web applications and to study these attacks. The honeypot is capable of detecting 5 different types of attacks namely SQL Injection Attacks, Cross Site Scripting Attacks, Malicious File Upload Attacks, User Enumeration Attacks and Remote File Inclusion Attacks.;The second part of the thesis is a detailed study and analysis of the information and attacks captured by the honeypot since it has been deployed. A Honeypot Management System has been implemented which is an administrative tool to manage the captured information. |
