Active Defense Technology And System Implementation Of Virtualized Network

With the rapid development of information in China,the network has become an indispensable part of everyone's work and life.The dependence of society on the network is also increasing.While the network is convenient for us,the various network security problems also bring great panic to people.Network security has become a prominent problem in the current and future.At present,many major applications,such as control access,intrusion detection,identity authentication,etc.,make the system in a state of waiting for hacker attacks.Based on the particularity of network security,this system uses virtual machine technology and honeypot technology to reduce the dependence on the actual environment,analyzes the information of intruders,improves the detection capability of the platform,turn the passive defense into active defense.The main content of this thesis is to study how to design a network security intrusion and defense platform in the virtualized environment.By simulating an attacker's intrusion into the network system,the platform increases the probability of the attacker to discover the honeypot machine through address allocation,and induces the attacker to invade the honeypot machine.The attack record of the attacker is captured by keystroke capture module,system log file analysis module,file system monitoring module,etc.Then,it will be stored in a hidden directory,providing information for the next data analysis and processing of vulnerabilities in the network system.Finally,through the data presentation subsystem,it reveals the status of the network intrusion and the defense platform and the invasion of the attacker.First,this thesis analyzes the current situation of network intrusion and defense platform and the related problems,and proposes a honeynet platform to study the research.Then,this thesis analyzes business requirements and related key technologies.The virtual network model is based on the need to describe the algorithm,and according to the model to implement the virtualization network platform.Implementation of high performance data control,dynamic allocation of resources,capture data,data presentation and other functions.Finally,this paper verifies the security and correctness of network intrusion and defense platform from test and performance.