摘要
蜜网作为一种重要的主动防御机制,对增强网络的防护能力有重要意义。但传统蜜网存在配置单一、拓扑固定、伪装能力差等自我隐藏机制不完备、不智能的缺陷。提出一种网络欺骗机制,通过IP地址跳变、针对性配置蜜罐等手段,显著提高了攻击者攻击的难度并增强了蜜网获取攻击信息的能力。同时,利用SDN可编程的特点与灵活的控制机制,使用mininet仿真实验平台搭建了基于网络欺骗机制的SDN蜜网,并通过博弈论证明所提蜜网的有效性。实验结果证明,基于网络欺骗机制的SDN蜜网能够在不降低服务质量的同时有效欺骗攻击者。
As an important active defense mechanism,honeynet is of great significance in enhancing the protection capability of the network.However,traditional honeynets have incomplete and unintelligent self-hiding defects such as single configuration,fixed topology,and poor camouflage ability.A network deception mechanism is proposed.By means of IP address hopping and targeted configuration of honeypots,it significantly improves the difficulty of attacks and enhances the ability of honeynets to obtain attack information.Meanwhile,by using the programmable characteristics and flexible control mechanism of SDN,a mininet simulation experiment platform is used to build an SDN honeynet based on the network deception mechanism.The effectiveness of the proposed honeynet is proved through game theory.The experimental results demonstrate that the SDN honeynet based on the network deception mechanism can effectively deceive the attacker without reducing the quality of service.
作者
路祥雨
伊鹏
卜佑军
陈博
王亮
LU Xiangyu;YI Peng;BU Youjun;CHEN Bo;WANG Liang(Information Engineering University,Zhengzhou 450001,China)
出处
《信息工程大学学报》
2022年第4期471-477,共7页
Journal of Information Engineering University
基金
国家自然科学基金资助项目(62176264)。
关键词
蜜网
网络欺骗
SDN
博弈论
honeynet
network deception
software defined network
game theory
