面向移动网络环境的智能协同蜜网设计与性能分析

在移动网络环境下，因各移动蜜罐资源有限、攻击注入手段灵活多变，需要动态部署蜜网以协同地检测攻击行为特征。然而现有蜜网易遭受特征识别攻击、网内恶意流量肆意传播、不能跨蜜罐迁移连接。为此，基于软件定义网络（software defined networking，SDN）技术，设计了一种智能协同蜜网（intelligent and collaborative Honeynet，ic-Honeynet）系统。它由逆向连接代理模块和蜜网控制器组成，它的优势在于逐一克服了上述3个缺陷。最后，搭建了一个ic-Honeynet实验环境，并验证了该系统的有效性。实验结果表明：该系统吞吐量近乎线速，高达8.23 Gbit/s；响应时延额外增加很小，仅在0.5～1.2 ms区间变化；连接处理能力也很强，可高达1 473个连接/s。

Design and performance analysis of a SDN-based intelligent and collaborative Honeynet for mobile networks environment

In the mobile network environment,the mobile honeypot resources are limited and the attack injection means are flexible,so it is necessary to dynamically deploy the honeynet to collaboratively detect the attack behavior characteristics.However,existing honey nets are susceptible to feature recognition attacks,malicious traffic within the network,and can’t be migrated across honeypots.Based on software defined networking (SDN) technology,an intelligent collaborative honeynet system (ic-Honeynet) was designed.It consisted of a reverse connection proxy module and a honeynet controller.Finally,an ic-Honeynet experimental environment was built and the effectiveness of the system was verified.The experimental results show that the throughput of the system is nearly linear,up to 8.23 Gbit/s; the additional increase in response delay is small,only in the range of 0.5 to 1.2 ms; the connection processing capability is also very strong,up to 1 473 connections/s.