| With the pervading of internet and the adding of netsufers, network provides both the legal users convenient and fast service, and lots of "hacker" access opportunities. How to protect network and how to ensure the positivity of network sources has become a problem which has close relationship with people's interests.Nowadays, there are several technologies to solve the network security. Each of them has some defensive function in protecting network intrusion. But, all these traditional network security technologies mainly use passive methods. While facing to the complex increasingly and ever-changing kinds of network intrusion, these technologies come to be pale. Therefore, recently a new Active Defensive Technology has been a focus to the network security researchers.Active Dynamic Network Defensive Technology is, in dynamic process, to supervise the network information directly and accomplish pull and shift the attack of hacker. In the meanwhile, analyse the intrude method used by the hacker, obtain the evidence of network intrusions, and track and trace the intruders. Currently, the main active dynamic defensive technologies are Dynamic Network Security Technology, Network Deception Technology and Hacker Trail Technology. This paper begins with these fields, and then puts emphasis on discussing Network Camouflaging Technology, and HONEY Technology.On the Network Camouflaging aspect, it brings up Network Camouflaging general design, detailed investigation from several aspects of Network Camouflagings, which are based on Host, LAN, and WAN. On the aspect of HONEY Technology, this paper investigates nowadays HONEY Technology which is spring up relatively and thoroughly, and goes a step further summary on the popular concept of HONEY Technology. Moreover, introduces present technologies and methods on defending worm virus and junk mail based on HONEY Technology.After accomplished 863 Program(Integrated Network Security Defensive System), that the writer designs Dynamic HONEY Project. The introducing of Coordination and Interaction into design realizes the coordination control between distributive IDS and IDS, distributive Firewall and Firewall, distributive honeypot and honeypot. At the same time, it also realizes Interaction among IDS, Honeypot and Firewall. This article also brings forward the Embedded HONEY Technology projects, which enhances the Network Camouflaging effect and increases hacker's work remarkably. Besides, it sets forth the concept of LAN Simulation for the first time and mocks every network service to attract theattention of hacker in order to let them attack the dummy net. Combining dummy active network with IDS acting, we can master every step of hacker's crack clearly and cut down the connection when it is necessary.The theme comes from several projects, such as "Hacker Monitoring Technology Research"(National 863 Program, Serial Number: 2001AA142100), and "IntegratedNetwork Security Defensive System"(National 863 Program, Serial Number:2003AA142060) sponsored by National High-tech Research Development Program;"Intelligence Distributive Realtime Network Intrusion Defence Technology Research"(Serial Number: 20010699018) sponsored by National Education Department Doctor Fund.Among them, National 863 Program" Hacker Mornitoring Technology Research" has been checked and accepted successfully by 863 experts group on Feb. 22, 2003, and passed the experts' authentication of Commission of Science and Industry for National Defence on Oct. 8, 2003. |
PDF Full Text Request