| 基于Sebek的蜜罐识别机制研究 |
| |
| 引用本文: | 朱一帅,吴礼发. 基于Sebek的蜜罐识别机制研究[J]. 信息技术, 2009, 33(1) |
| |
| 作者姓名: | 朱一帅 吴礼发 |
| |
| 作者单位: | 1. 解放军理工大学指挥自动化学院研究生1队,南京,210007
2. 解放军理工大学指挥自动化学院计算机系,南京,210007 |
| |
| 摘 要: | Sebek是一种基于内核的数据捕获机制,是构建高交互蜜罐的重要工具.对Sebek进行识别是识别高交互蜜罐的重要手段,目前研究人员已经提出了多种针对Sebek的识别机制.首先分析了Sebek的基本原理,然后总结了多种针对Sebek的识别机制,详细分析了每一种识别机制的实施原理.
|
| 关 键 词: | 蜜罐 蜜罐识别 |
Research on the identification technology of Sebek based honeypot |
| |
| ZHU Yi-shuai,WU Li-fa. Research on the identification technology of Sebek based honeypot[J]. Information Technology, 2009, 33(1) |
| |
| Authors: | ZHU Yi-shuai WU Li-fa |
| |
| Affiliation: | 1.Postgraduate Team 1;ICA;PLAUST;Nanjing 210007;China;2.Department of Computer;China |
| |
| Abstract: | Sebek is a kernel based data capture tool,which is an important component for building a(high-interaction) honeypot.Identifying Sebek is an important way to identify the high-interaction honeypot.Thus many identification methods against Sebek have been proposed.This paper first discusses the principle of Sebek,and then introduces several key identification methods against Sebek in details. |
| |
| Keywords: | Sebek |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
