基于蜜罐的安全系统设计

Design of honeypot-based security system

为解决传统蜜罐系统视野狭小,存在大量安全隐患等缺点,提出了一种新的基于蜜罐的网络安全系统,并给出了对该系统主要部件的设计。该系统采用多层诱骗方法以扩大视野;将数据控制与重定向技术相结合,以便在入侵的各阶段对系统进行保护;将虚拟机技术与数据捕获技术相结合,有效提高数了据捕获的隐蔽性和数据传输的安全性。最后,在实验室的检测表明了系统的有效性。

In order to resolve the problems of narrow vision and potential security hazard in traditional honeypot, a new model of network security systems based on honeypot is proposed and a conceptual design is carried to its main parts. The model adopts a multi-level inveigling method to widen its vision, combines data control and redirection technologies to protect the system at every stage of an invasion,combines data capture and virtual machine technology to improve the invisibility of data capture and the security of data transmission. Finally, in the lab, the availability of the system is tested.