The Web Attack Trapping System Based On Honeyd

As the fast development of the internet industry, the network information security is playing a more and more important role. From the key industry such as the military, the native defense, the government, and the bank, to the corporation and individuals, are facing the risks of the network attacks. At the same time, the network attacks are diversified with short period and low technical barrier. In case of being confused by the sudden attacking, we must be active instead of passive, to find out the possible weakness, and research the latest attack methods of the hackers.Honeypot technology is used to trap attacks in order to collect the information of the attacks and protect the real host. Unlike the traditional security technologies, the core value of the honeypot is to be detected, attacked and threatened. Through that we can analyze the attacks, know their attack purpose, means and strategies, and finally we can learn deeper information protection methods from that.Honeyd is one of the most popular honeypot systems. By create and configure with the virtual host, it seems that we are running on the specific operating system. Honeyd can create multiple virtual hosts in the local area network to meet with the network experimental environment. We can ping the virtual host and trace the route. With those features, we can simulate varieties of services by making different configuration.This article firstly introduces the research background and meanings, and the current environment of the research throughout the inside and outside of the country. And then, it introduces some basic technologies related with the article, including theory of the honeypot , Web architecture, common network communication protocols and so on. After that, it chooses one of the most popular honeypot program Honeyd as the research platform, studying its detail, designing the trapping engine and module due to different web attack means, so that it can capture the attack information by the typical Web attacks. Last, there is experiment to identify the functions of the trapping system and find out some improvement ideas for the system.