摘要
目前大部分安全技术被设计用来阻止未授权的可疑行为获取资源,同时案例工具是作为一种防御措施被布置,所以它们对网络的保护有限。本文在分析国内外研究现状的基础上,针对现有网络安全工具在入侵检测以及防护等方面的不足,设计和实现了分布式虚拟陷阱系统。该系统所分布的代理由混合Honeynet和低交互的Honeypot构成,降低了Honeypot固有的风险,增加了模拟的真实性,弥补了现有各类Homeypot的不足。系统作为一种动态安全防御机制,可以有效地提高大规模网络的整体安全性,是传统案例机制的有力补充。
Most security technologies are designed to prevent unauthorized activities for resources. And security tools are put into place as a defensive measure. Therefore there are some shortcomings in network protection. After analyzing the research situation and the shortcomings of security tools in intrusion detection and system protection, a distributed virtual honeynet system is studied and implemented. The system is composed of a Hybrid Virtual Honeynet and a low-interaction Honeypot. Which reduces the inherent risk of Honeypot, and adds the simulation's trueness, and it makes up for the shortcomings of existing different types of honeypots. As a dynamic security defensive mechanism, it improves effectively the in tegral safety of large-scale networks, and is a completely supplement of traditional security mechanisms.
出处
《计算机工程与科学》
CSCD
2006年第2期33-35,68,共4页
Computer Engineering & Science
基金
国家863计划资助项目(2003AA142010)
关键词
网络安全
入侵检测
蜜罐
陷阱网络
network security
intrusion detection
honeypot
honeynet
