Design And Implementation Of New Honeypot Based On Trusted Environment

The network has become a necessity in people's lives,and there are many derivatives of the network.Network attacks are one of them.Cyber security incidents are endless,and cyberspace has become the fifth-dimensional battlefield after ocean,land,sky,and space.Nowadays,network security is facing an unprecedented severe situation.Regardless of whether it is a country,an enterprise or an individual,they all attach great importance to network security issues.The emergence of honeypots has broken people's constant helplessness in front of attacks,and changed the passive situation where they can only use firewalls,intrusion detection and other technologies to wait for attacks.However,although honeypots can delay or even capture attacks by using the purpose and means of the attacker,the honeypot itself has certain risks.Once the honeypot deployed in front of the real business scenario is compromised,it may become an attacker Enter the springboard of the real systemBased on the above background,this paper proposes a trusted mechanism for honeypot,and designs a honeypot system scheme based on trusted mechanism.From the three directions of application,identity,and data,the trust strategy is formulated separately,and a new honeypot based on a trusted environment is finally formed.The honeypot-oriented trust mechanism is mainly composed of three parts,namely application trust based on integrity measurement,honeypot identity authentication mechanism based on Kerberos protocol and data trust based on custom protocol.It makes the real business scenarios in the rear get the maximum security protection in the entire life cycle of the honeypotAt the same time,this paper designs and implements a honeypot system based on a trusted environment based on the SpringBoot based on the trusted mechanism scheme proposed above.The system mainly includes three subsystems,namely user management subsystem,trusted mechanism application subsystem and honeypot subsystem.Finally,build a test environment to test and analyze the entire system.The feasibility of the trusted mechanism in the honeypot application was verified through experiments.The system's functional integrity and reliability were verified by putting the system online and running.