| With the rapid development of Internet, nowadays, our work and other aspects of life cannot be separated from the support of the network. Meanwhile, network security has become ahot issue of the Internet, because the network anomaly, security information leakage andothers issue, it can be greatly affect to the national security, economic development and socialstability.The main threats to the network are: the destruction or loss of resources, information lossor modification, the disruption of services. In order to resolve a variety of network threatsand attacks, there are many security technologies: firewall, intrusion detection, authentication,encryption, access control, the credibility of services, backup and recovery. So IDS(IntrusionDetection System) has been a very important part of information security and protectionsystem,however, traditional intrusion detection system is mainly used passive defensetechnology, it is difficult to cope with the ever-changing network relatively. For the reasons tomake the defense system of the IDS into dynamic, shifting from a passive defense initiative.This paper presents the use of virtual Honeypot technology to detect the network data flow, toreduce the load of Intrusion Detection System, and generate new characteristics of rules forthe IDS at the same time, so as to enhance the efficiency and performance of the networksecurity defense system.The main works of this article: understanding the Intrusion Detection System andHoneypot, the research of history and development of them. Through the open-sourcesoftware Snort and Honeyd, analysis of intrusion detection technology and virtual Honeypottechnology, and then use them to deploy a joint Active intrusion deception detection system. Using Honeycomb—the plug of Honeyd, which can automatic generation attack signaturesfor Snort, thereby reducing the probability omission of intrusion detection system. |
PDF Full Text Request