
Research And Design Of Network Security System Based On Intrusion Deception Technology

Posted on: 2008-11-06
Degree: Master
Type: Thesis
Country: China
Candidate: W M Gao
GTID: 2178360215979875
Subject: Computer technology

Abstract/Summary:
Traditional network security technology usually adopts passive defensive measures against network attacks, which in practice cannot deal with the variety of attacks efficiently. How to protect networks effectively and actively, by changing the static security system into a dynamic one and passive defensive measures into active ones so as to escape the traditional passive position of always being under attack, is a new problem that deserves study.

This paper mainly studies the technologies and methods used to trap network attacks. Because a deceptive network environment is built, attackers cannot confirm the validity of the network as a whole or of the data obtained by attacking it, and the aim of protecting the target host is achieved.

Based on an analysis of active network security defense technology and existing work on network intrusion deception, network deception technology, host deception technology and dynamic configuration technology are combined, and a new platform model for network intrusion deception, Honeyd, is proposed. Honeyd aims to improve the efficiency of network intrusion deception by using flexible virtual deception technology and advanced dynamic configuration technology. The paper develops the overall structure of the model and the function and workflow of its modules, including sealing and interception, network deception, host deception and dynamic configuration. It also designs a network security system based on a honeypot using current network deception technology.

The goal of this design is to use the various network services and related system security vulnerabilities presented by the target system to entrap attackers into finding and attacking the honeypot, and to analyze the information collected by the KFSensor IDS and the Honeyd log service. It can provide early warning about attack and exploitation trends and allow in-depth examination of an attacker's actions and process during exploitation of a honeypot. The paper discusses virtual honeypot technology, the Honeyd framework, Honeyd installation and the design of the network intrusion system, and realizes the deployment and application of the honeypot.

Lastly, the Honeyd network intrusion deception model was tested and analyzed in a real testing environment. According to the theoretical study and experimental verification, the network security system based on deception technology increased the difficulty of attacking and the attackers' workload, consumed the attackers' resources, extended the attack time and drew attacks to the honeypot system. Consequently the security of the target host was ensured and passive network defense was shifted into active defense, which evidently improved the security of the network.
Keywords/Search Tags:Network Security, Active Defense, Intrusion Deception, Virtual HoneyPot