摘要
近年来,数据泄露、网络攻击等呈爆发态势,传统的基于特征规则的安全防护无法及时发现新威胁,而且分析人员的分析成本很高。为解决上述困境,诱饵防御技术是一种合理的选择,连续三年被Gartner评选为顶尖信息安全技术之一。本文介绍了诱饵防御的发展历程以及诱饵防御实施的四个层面,并针对攻击链的不同阶段实施不同的诱饵策略,最后介绍了诱饵防御实施的意义。
In recent years,data breaches,network attacks,and other threats have been on the rise.Traditional security protection based on feature rules cannot detect new threats in a timely manner,and the analysis cost for analysts is high.To address the aforementioned challenges,decoy defense technology is a reasonable choice and has been selected as one of the top information security technologies by Gartner for three consecutive years.This paper introduces the development of decoy defense and the four levels of decoy defense implementation,and the implementation of different decoy strategies for different stages of the attack chain,and finally introduces the significance of decoy defense implementation.
作者
杨新涛
方有轩
付恒
陈青钦
常津铭
YANG Xintao;FANG Youxuan;FU Heng;CHEN Qingqin;CHANG Jinming(China Mobile Communications Group Sichuan Co.,Ltd.,Chengdu Sichuan 610011)
出处
《软件》
2024年第8期163-165,共3页
Software
关键词
安全
诱饵防御
蜜罐
security
decoy defense
honeypot
