Font Size: a A A

Research Of Honeypot Technology And Design Of Honeynet

Posted on:2006-04-26Degree:MasterType:Thesis
Country:ChinaCandidate:Q T HeFull Text:PDF
GTID:2168360155955205Subject:Computer application technology
Abstract/Summary:PDF Full Text Request
A newly emerging network security technology based on active defense— honeypot technology is now widely concerned and will have a bright future. A honeypot is a network security resource, which can facilitate us to analyze and study the technology, tools and the motive of the intruders by monitoring their activities, and thus enhance our ability to safeguard the network. Honeynet, short for honeypot network, is a high implementation of honeypot technology. As a network system, honeynet generally consists of firewall, intrusion detection system(IDS ), one or more honeypot machines, but it can also be constructed on a physical host via virtual machine software.With the honeynet highlighted, the fundamentals of honeypot technology are elaborated in the thesis. The main work concerned includes:(1) Based on the existing relevant technology home and abroad, a virtual honeynet with the purpose of study is constructed and the functions concerned such as data control, data capture and alarming are designed and implemented.(2) In terms of the data capture of the honeypot itself, a new solution as MyBash is developed based on the analysis and comparison of the existing ones. Integrated the various merits of the existing solutions, MyBash not only can record the attacker's keystrokes, but can record the corresponding reply and transfer the data captured to the log server via a serial port. Thus a solution to data capture of honeypot via MyBash is provided for the researchers in honeynet.(3) A new method of alarming via mobile short message is put forward, which improves the existing alarming mechanism of honeynet. By analyzing the protocols of existing short message software SMM and simulating the data packet of it, the feasibility of alarming by mobile short massage in honeynet is verifed.(4) The systematic test of the honeynet functions such as data control, data capture, alarming and IP address deceiving is achieved.
Keywords/Search Tags:network security, intrusion detection, honeypot, honeynet
PDF Full Text Request
Related items