| Along with the Internet swift and furious development and the network socialization arrival, the Internet has opened her door to the commercial users and the ordinary public.The network commanication and business volume experiencing a rolling snowball type growth. ,At the same time, as a result of the security flaws hacker's network attacks and of the Internet itself, invasion behavior. the increasing security of the Information highway raised the public alarm.The available countermeasures are primarily based on known facts and known attack patterns and mainly are passsive defence means. All these means seem too less able to handle complex and swiftly changing attach methods. How to make the network security defense system dynamic and to change measure actively but not passively are the new research task.. The effective information safe practice more voluntarily of another kind has been entering people's vision gradually, that is technology of the honeyed pot.Honeypot is a new concept in the field of network security. It allures attacker by some obvious security holes, at the same time, monitors the hacker's behavior and records all the information for further analysis. According the log data, we can look up the latest intrusion behaviors and security holes, so accordingly we can build more security into the whole system.The thesis discusses the theory, structure, characteristic, design and implementation of Honeypot in detail. Constructing a virtual Honeypot demonstrate the honeypot's functions. It can be concluded in some aspect of this article.The first, this thesis introduce the origins, development, the definition and categories of Honeypot. And value of security, special advantage and weakness of Honeypot are discussed.The second, And correlative concepts and ideas are analyzed completely, The implement technologies of honeypot system include disguise,information gather,risk control,data analysis. The third, after deep analysis domestic and international tradition and technology of the honeypot of front, have summarized technological difficult point and defect existing mainly of the technology of the honeypot .In line with the question of putting forward afterwards, solve the thinking of the problem, has proposed it to the technology expansion method of the existing honeypot—Combine the comprehensive solution of the safe practice of other information. And one virtual Honeypot is constructed used honeypot together with IDS to validate the concept and implementation of Honeypot.At last, the function test and performance test of the honeypot.According to the conclusion of this thesis, we can claim that honeypot can puzzle adversaries, devert an attack from their real targets, exhaust attacker resources discover vulnerabilities and new attacking methodes. Worked with IDS and FireWall the computer network security will be enhanced effectively. |
PDF Full Text Request