| With the rapid development of Internet, network security issues are becoming increasingly serious, computer-related crime is increasing every year. How to ensure network security has become a key research field in computer science. Current safety measures are mainly based on known facts and attack mode, thus, take passive defense methods. However, these methods are inadequate to counter against the complex and varied hackers. How to make the defense system from static to dynamic, from passive to active are the new topics for us to research.Honey-pot is a new research field of network security. It lures the attackers by constructing a system with obvious vulnerability, and then record the invasion of motives, the invasion means, the tools and other information of an attacker. However, Honey-pot is a kind of application, accordingly, there exists much vulnerability. Thus, how to make Honey-pot more secure is an important issue worth to study.This paper analyzes the traditional network security techniques and their shortcomings, describes the major technical difficulties and shortcomings of the honey-pot, and designs some methods to improve the security of the honey-pot. In order to improve the security of log servers in Honey-pot, this paper proposes a method to transport log files, through camouflaging log file packets, we can hide the log-server, thus improve its security. We describe the implementation of camouflaging in detail, and then test the results of camouflaging. The results show that this method could camouflage log file packets, and improve security of log server effectively.Finally, this paper describes the design and implementation of a honey-pot running on Windows XP. The honey-pot is composed of four parts, i.e. templates management, packets dispatching and protocols process, characteristics engine, and output module. We implemented the initialization and management of the virtual host. Experiment results show that the honey-pot is able to lure some attacks, accordingly, improve the security of the network. |
PDF Full Text Request