| With the rapid development of the computer and network technology, a growing number of network attackers appear, and network security is also faced with enormous challenges. Many security agencies develop a number of security products, but the attackers are constantly improving the level of technology.The traditional security technology, like the firewall or the intrusion detection system, is used to protect the network security after finding the problem. This paper suggests the intrusion deception system, which combine Firewall, IDS with Honeypot. On the condition of the network security, the system help know more about the attacker and become initiative for network security more timely and comprehensive, describing a new network security strategy.This thesis introduces research background and then suggests a definition of the intrusion deception system on the basis of a detailed analysis of the concept, working principle and disadvantage of Firewall, IDS and Honeypot system, presents the functional structure of the intrusion deception system, analyzes its realization method and puts forward a deception network model. Secondly, it realize multi-level Data Capture, including network data packet, the memory occupied by the process, the usage of CPU by the process, the port and IP address of the progress, the changes of the files and register. It also realizes Data Control and remote log technique in order to protect system and data security. At last, it point out the weakness of the system such as the redundant data and the insecurity of the remote logs. |
PDF Full Text Request