| 基于虚拟机技术的安全系统研究 |
| |
| 引用本文: | 苏航,吴庆波,李永.基于虚拟机技术的安全系统研究[J].计算机安全,2008(3):49-53. |
| |
| 作者姓名: | 苏航 吴庆波 李永 |
| |
| 作者单位: | 国防科学技术大学,计算机学院软件研究所,湖南,长沙,410073 |
| |
| 基金项目: | NSF重大项目(60633050),国家“863”重点项目(2006AA01Z188) |
| |
| 摘 要: | 该文在深入分析蜜罐和入侵检测技术的基础上,提出了基于虚拟机技术的蜜罐入侵检查系统,它是集蜜罐、HIDS以及NIDS于一体的入侵检查系统,系统中将蜜罐在虚拟机上进行分离,结合IDS来控制蜜罐的安全性,同时结合两者对网络安全的检测信息来实现更强的入侵检查系统。该系统方案在最大化解决蜜罐自身安全问题的同时,结合3者的优点并抑制了各自的缺点,几乎不需要改变现有的入侵检测系统,故具有很强的实用性和广阔的应用前景。
|
| 关 键 词: | 虚拟机 蜜罐 入侵检测系统 可控安全域 |
| 修稿时间: | 2007年10月4日 |
Research On Safe-System Based VM Technology |
| |
| SU Hang,WU Qing-bo,LI Yong.Research On Safe-System Based VM Technology[J].Network & Computer Security,2008(3):49-53. |
| |
| Authors: | SU Hang WU Qing-bo LI Yong |
| |
| Abstract: | Firstly, the honey-pot and traditional IDS technologies are analyzed in details. Then a new IDS solution called VM-Honey based Intrusion Examine System (IES) is proposed, which integrates the advantages of virtual machine (VM), honey-pot, HIDS and NIDS techniques while efficiently overcoming their defects. It has the features of lower distort and fail-to-report rate, and does better in detecting unknown intrusion behaviors than traditional IDSs. VM-Honey based IES does it best to settle its own security issues and needs hardly modifying current IDSs, therefore it is practical and has good application prospect. |
| |
| Keywords: | Virtual Machine Honey-pot IDS Controllable Safe Domain |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
