摘要
面向服务的体系架构作为近年来IT业界的焦点,已经逐渐成为影响中国IT系统构建的主导思想。随着该体系首选的Web服务发展与普及应用,其安全问题日益突出。而现在所使用的安全模型都是基于被动防御的技术。结合虚拟蜜网来设计实现面向服务架构的主动防御系统。系统以第三代蜜网部署拓扑为基础,结合防火墙与入侵检测系统来构建,使用Honeywall网关并建立Windows蜜罐与SOA服务蜜罐来实现虚拟蜜网,在一定程度上克服了传统安全模型被动防御的缺陷。通过控制平台端对蜜网网关监控数据进行分析,提取扫描入侵和一种溢出漏洞特征,实现了主动告警。
Service-oriented architecture, as the focus of IT industry in recent years, has gradually become the dominant ideology of IT system construction in China. With the develop- ment and popularization of Web services, the security problem is becoming more and more serious. And now the security model used is based on passive defense technology. An active defense system is designed and implemented by virtual honey net. The system is based on the third generation of honey network deployment topology, which combines firewall and intrusion detection system to build and use Honeywall gateway, and sets up Windows honeypots and honeypot SOA services to implement virtual honeynet. To a certain extent, it overcomes the defects of the traditional security model of passive defense. With the control plat- form, the monitoring data of network gateway is analyzed, which extracts the features of scanning intrusion and an overflow vulnerability and implements active alarm.
出处
《沈阳理工大学学报》
CAS
2017年第1期56-60,共5页
Journal of Shenyang Ligong University
基金
国家863项目(863-2015-03F)
关键词
SOA
防火墙
入侵检测
蜜网
告警
SOA
firewall
intrusion detection
honeynet
alarm
