| 基于双蜜罐技术的安全防御系统的设计 |
| |
| 引用本文: | 汪彩梅.基于双蜜罐技术的安全防御系统的设计[J].计算机安全,2014(2):29-33. |
| |
| 作者姓名: | 汪彩梅 |
| |
| 作者单位: | 合肥学院网络与智能信息处理重点实验室,安徽合肥230601 |
| |
| 基金项目: | 安徽省高等学校省级优秀青年人才基金项目2012SQRLI72 |
| |
| 摘 要: | 传统的单一蜜罐系统不一定能保证长时间与攻击者进行交互,以至于无法检测提取充足的关于攻击者的信息。为了提高服务器的安全和收集到更多攻击者的信息,提出了一种基于双蜜罐技术的防御系统方案,在防火墙的DM7区域架设两台蜜罐系统,其中蜜罐A是基于Windows平台下搭建的虚拟服务器以引诱攻击者,蜜罐B基于Linux平台下搭建,通过Libevent、Libpcap等一些库函数完全模拟真实的服务器,该蜜罐具有较强的安全防护措施和不易攻破的特征。
|
| 关 键 词: | 监测 双蜜罐技术 虚拟服务器 库函数 |
Design of Security Defense System based on Double Honeypot |
| |
| Abstract: | The single traditional honeypots can not ensure the long time to interact with attackers, so unable to extract information about the adequacy of. In order to improve the server' s security and collect more information of the attacker, this paper presents a defense system scheme based on double honeypot technology, in the region of DMZ firewall installed two sets of honeypot honeypot system, the A is to lure the attacker Virtual Server Windows platform based on B, honeypot based on Linux platform, through Libevent, Libpcap and other library functions fully simulate the real server, the honeypot with safety protection measures of strong and impregnable characteristic . |
| |
| Keywords: | Monitoring double honeypot Virtual server library function |
| 本文献已被 维普 等数据库收录! |
