摘要
为解决传统蜜罐系统视野狭小,存在大量安全隐患等缺点,提出了一种新的基于蜜罐的网络安全系统,并给出了对该系统主要部件的设计。该系统采用多层诱骗方法以扩大视野;将数据控制与重定向技术相结合,以便在入侵的各阶段对系统进行保护;将虚拟机技术与数据捕获技术相结合,有效提高数了据捕获的隐蔽性和数据传输的安全性。最后,在实验室的检测表明了系统的有效性。
In order to resolve the problems of narrow vision and potential security hazard in traditional honeypot, a new model of network security systems based on honeypot is proposed and a conceptual design is carried to its main parts. The model adopts a multi-level inveigling method to widen its vision, combines data control and redirection technologies to protect the system at every stage of an invasion,combines data capture and virtual machine technology to improve the invisibility of data capture and the security of data transmission. Finally, in the lab, the availability of the system is tested.
出处
《计算机工程与设计》
CSCD
北大核心
2010年第22期4806-4808,4830,共4页
Computer Engineering and Design
关键词
蜜罐
网络安全
虚拟机
数据捕获
网络诱骗
数据控制
honeypot
network security
virtual machine
data capture
network deception
data control