| 一种基于蜜网的网络安全防御技术* |
| |
| 引用本文: | 王铁方,李云文,叶宝生,杨屹,律原,诸立尚.一种基于蜜网的网络安全防御技术*[J].计算机应用研究,2009,26(8):3012-3014. |
| |
| 作者姓名: | 王铁方 李云文 叶宝生 杨屹 律原 诸立尚 |
| |
| 作者单位: | 首都师范大学,北京,100048 |
| |
| 基金项目: | 首都师范大学博士启动基金资助项目(08224010052) |
| |
| 摘 要: | 基于主动防御的蜜网技术虽然在一定程度上克服了传统安全模型被动防御的缺陷,但入侵者仍能通过蜜网对内部网络和外部网络进行攻击,造成蜜网本身也存在一定的不安全因素。为此提出了一种基于蜜网的网络安全防御技术——用DMZ(非武装区)和两层防火墙来防止内部网络被入侵;用NIDS(网络入侵检测系统)和流量控制的方法来防止外部网络被攻击,从而较好地解决了传统网络安全模型存在的一些缺陷。
|
| 关 键 词: | 蜜网 蜜罐 防火墙 入侵检测 |
Honeynet-based network security defense model |
| |
| WANG Tie-fang,LI Yun-wen,YE Bao-sheng,YANG Yi,LV Yuan,ZHU Li-shang.Honeynet-based network security defense model[J].Application Research of Computers,2009,26(8):3012-3014. |
| |
| Authors: | WANG Tie-fang LI Yun-wen YE Bao-sheng YANG Yi LV Yuan ZHU Li-shang |
| |
| Affiliation: | (Capital Normal University, Beijing 100048, China) |
| |
| Abstract: | Though honeynet, which is based on an active defense, has overcome some of the shortcomings of traditional techniques, invaders can still attack the inner and outer networks through Honeynet, so there are still many insecure factors in honeynet. This paper proposed an active defense technology based on honeynet. Using DMZ (demilitarized zone) and two firewalls to prevent the inner network from being invaded, and using NIDS(network intrusion detection system) and flow control to prevent the outer network from being attacked. By this means, solved many problems both in the traditional network security model and honeynet. |
| |
| Keywords: | honeynet honeypot firewall intrusion detection |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
