| With the popularity of computer networks,network plays an increasing important role in the work and life of people,while network security becomes a critical issue for the further development of networks.Compared with traditional passive defense methods,Honeypot is a novel initiative defense system,the value of which lies in tempting initiatively hackers to scan and attack,result in getting more information about attack techniques.It's can also be used to attract and divert hacker's attention and protect the real network system.In this paper,a detailed introduction about composing,category and theory is slated firstly,then some improvement of honeypot network has been made.Based on it,we make scientific researches and designs on honeypot in the frame of honeyd.Honeyd is a simple honeypot exploitable tool with powerful function,which has been extensively applied at present.It features plenty of functions,such as simulating multi-operating systems in the protocol stack,simulating network topological stucture,fingerprint matching,redirection etc.It can properly solve the contradiction between interaction level and self security.Therefore,honeyd delegates the development level of the honeypot technology in many fields.In this work,the design of honeypot based on honeyd considered its fundament,and made an emphasis on structure and data,especially data capture.We introduced two-layer mechanism,namely sebek and libpcap,which guaranteed reliability of data capture.In addition,we enhanced the design of hidden module according to the fundament of honeypot.Through the simulation test in the lab,the honeypot system was used to confront worms which are extensively popular in internet, So we can obtain experience.Honeypot technology is still in the continuous developing process, but we can affirm that it is an important part of network security architecture.With thorough study on honeypot technology,the function of honeypot will be more outstanding. |
PDF Full Text Request