摘要
为增强蜜罐对未知漏洞、未知后门、未知攻击的防范能力,提高蜜罐的动态性、数据搜集能力、诱捕能力和溯源能力,基于内生安全体系结构,将其与蜜罐技术紧密结合,提出了一种能够主动防御兼诱捕的内生安全蜜罐模型。该模型利用内生安全动态、异构、冗余的特性解决蜜罐的安全性问题,利用内生安全特有的感知能力提高蜜罐的诱捕性和溯源性。最终理论分析和实验结果也表明,内生安全蜜罐在安全性、诱捕能力和溯源能力上都有明显提升。
To enhance the honeypot’s prevention ability against unknown vulnerabilities,unknown backdoors,and unknown attacks,improve the dynamics,data collection,trapping,and traceability of honeypots,this paper proposed an endogenous safety and security honeypot model that could actively defend and trap based on the endogenous safety and security architecture,which was closely combined with honeypot technology.This model used the endogenous safety and security characteristics of“dynamic,heterogeneous,redundant”to solve the problem of the safety of the honeypot and used endogenous safety and security special awareness to improve the honeypot trap and traceability.The final theoretical analysis and experimental results show that the endogenous safety and security honeypot has significantly improved in security,trapping ability,and traceability.
作者
原浩宇
郭军利
许明洋
Yuan Haoyu;Guo Junli;Xu Mingyang(School of Cyber Science&Engineering,Zhengzhou University,Zhengzhou 450002,China;Zhongyuan Network Security Research Institute,Zhengzhou University,Zhengzhou 450002,China)
出处
《计算机应用研究》
CSCD
北大核心
2023年第4期1194-1202,共9页
Application Research of Computers
基金
国家电网有限公司总部科技项目(5108-202224046A-1-1-ZN)
中国高校产学研创新基金—未来网络创新研究与应用项目(2021FNB01002)
河南省重大科技专项资助项目(221100210100)。
关键词
蜜罐
内生安全体系结构
内生安全蜜罐
honeypot
endogenous safety and security architecture
endogenous safety and security honeypot
