| 引用本文: | 姚兰,王新梅.基于欺骗的网络主动防御技术研究.[J].国防科技大学学报,2008,30(3):65-69.[点击复制] |
| YAO Lan,WANG Xinmei.A Study on the Network Active Defense Technology Based on Deception[J].Journal of National University of Defense Technology,2008,30(3):65-69[点击复制] |
|
| |
|
|
| 本文已被:浏览 6584次 下载 6002次 |
| 基于欺骗的网络主动防御技术研究 |
| 姚兰, 王新梅 |
|
(西安电子科技大学 ISN国家重点实验室,陕西 西安 710071)
|
| 摘要: |
| 针对网络对抗和计算机网络安全防护的现实需求,提出了一种在分布式欺骗空间中实施多重欺骗的网络主动防御技术,通过仿真常用的网络服务程序以及伪造安全漏洞来诱骗入侵者,利用内核级操作控制、文件系统镜像和信息欺骗,构建基于Windows和Linux平台的欺骗性操作环境,实现了对网络入侵全过程的欺骗、监视与控制。该技术突破了普通蜜罐技术单一欺骗层次的局限性,使得欺骗性、交互性和安全性同时得到明显提高。 |
| 关键词: 网络欺骗 主动防御 蜜罐 网络服务仿真 操作行为控制 |
| DOI: |
| 投稿日期:2007-12-20 |
| 基金项目:国家863计划重大专项资助项目(2003AA146010) |
|
| A Study on the Network Active Defense Technology Based on Deception |
| YAO Lan, WANG Xinmei |
|
(ISN Key National Laboratory, Xidian Univ., Xi'an 710071, China)
|
| Abstract: |
| A network active defense technology based on multi-layers deception in the distributed deception space is proposed to meet the needs of network countermeasure and network security. This technology simulates usual network service programs and forges vulnerabilities to lure the intruder. With operation control at kernel level, file system mirror and information deception, it creates the deceiving operating environment on the platform of Windows and Linux. Thus the process of intrusion is fully deceived, monitored and controlled. This technology breaks the limitation of a single layer deception used by other general honeypots, and obviously promotes the level of deception, interaction and ensures security. |
| Keywords: network deception active defense honeypot network service simulation operation control |
|
|
