Design And Implementation Of The Virtual Honeynet Architecture And Key Technology

Traditional network security technologies, such as firewalls, intrusion detection, authentication, access control can protect users from hackers in some extent, but most of the security technology used is a passive security policy, most users will be aware of the attack after the loss of property and information, and when they want to track down hackers, hackers have long fled. In addition, many of the security technology is based on the characteristics of the rules match, mostly only against known attacks, and have high false alarms and leak alarm, and no way for unknown attacks.To solve this problem, security and technical personnel proposed a new network security technology-Honeynet, which based on active defense strategy. The Honey network meticulous planning to trick the environment to attract hackers invasion, and thus understand their attack ideas, avenues of attack, attack tools, and attack the purpose of information, especially the learning of a variety of unknown attacks. According to the information obtained, the security organization can better understand network system, the current threats, and know how to stop these dangerous place.Firstly, a comprehensive and in-depth reviews the the Honeynet related research, introduced the basic concepts of the Honeynet Honeynet course of development, as well as the Honeynet features and value in use. Analysis of the inadequacies of the existing honeynet system, combined with the current security requirements designed the architecture of a virtual honeynet. After the core features and key techniques of virtual honeynet research and analysis, such as data capture to determine the virtual honeynet to capture the amount of data, data types, in order to increase the honeynet data capture, redirect technology; data control determines the the risks and value of a virtual honeynet, in order to further strengthen the data control functions, using black and white list technology; data analysis determines the data captured and collected from the control information processing, order to further improve data analysis capabilities, using automatically information classificate techniques.Based on the proposed solution of virtual honeynet architecture and key technologies, the paper designed and implemented a virtual honeynet system. And in accordance with the virtual honeynet design requirements and the goal from the three core functions of the virtual honeynet system performance testing and evaluation. Experimental simulation and test cases verified the virtual honeynet system functions work well and meet the design requirements.