1. Field of Invention
The embodiments of the invention relate in general to network security. More specifically, the embodiments of the invention relate to a method and system for preventing, auditing and trending unauthorized traffic in a network system.
2. Description of the Background Art
Over the past few years, network security has become a top priority for network and system administrators. Intruders constantly attack network systems by exposing vulnerable services, transmitting worms, viruses, corrupted files, etc. These exploits, worms and viruses affect the functionality of network system resources and services and are generally referred to as attack vectors. An attack vector can be specific to a particular network system resource, or it can affect multiple network system resources at the same time.
Security patches, network firewalls and intrusion detection systems are generally used to safeguard network system resources from attack vectors. A method of preventing attack vectors is with the use of a honeypot. A honeypot is an information system resource. Any interaction with honeypots indicates unauthorized or malicious activity. Honeypots emulate network system resources and services, thereby protecting the network system. Honeypots can track and capture the activity that directly interacts with them. Honeypots are part of the individualized hardware that runs the network device. Hence, if the attack vector affects multiple network devices in the network system at the same time, then multiple honeypots must be configured in all the network devices, with a honeypot being configured and maintained for each network device. Further, every time the attack vector attacks the network system, all the network system resources and services are emulated by multiple honeypots, which reduces its efficiency.