| 基于无硬盘Honeypot的入侵防御系统 |
| |
| 引用本文: | 叶禾田,蔡昀璋. 基于无硬盘Honeypot的入侵防御系统[J]. 上海交通大学学报, 2012, 46(2): 289-295 |
| |
| 作者姓名: | 叶禾田 蔡昀璋 |
| |
| 作者单位: | (南台科技大学 信息传播研究所, 台湾 台南 71005) |
| |
| 基金项目: | “国家科学委员会”资助(99-2221-E-218-037-) |
| |
| 摘 要: | 通过DRBL(Diskless Remote Boot in Linux)建立无硬盘环境的诱捕系统(Honeypot system),并融合入侵防御系统优越的入侵检测与防御能力,使入侵防御系统不仅能检测恶意活动也具备诱捕功能.当检测出恶意行为时及时警告网络管理人员,并立即将恶意行为引导至Honeypot,由与恶意行为互动的过程,详细纪录其活动行为、入侵方法、入侵管道,以供网管人员日后进行系统修补更新时参考,可大幅减少系统漏洞和大幅提升系统安全性.
|
| 关 键 词: | 无硬盘远程开机系统 诱捕系统 入侵防御系统 |
| 收稿时间: | 2010-05-21 |
Intrusion Prevention System Based on Diskless Honeypot |
| |
| YE He-Tian,CAI Yun-Zhang. Intrusion Prevention System Based on Diskless Honeypot[J]. Journal of Shanghai Jiaotong University, 2012, 46(2): 289-295 |
| |
| Authors: | YE He-Tian CAI Yun-Zhang |
| |
| Affiliation: | (Department of Information and Communication, Southern Taiwan University, Taiwan Tainan 71005) |
| |
| Abstract: | The plan is mainly based on DRBL(Diskless Remote Boot in Linux) to establish diskless Honeypot system and integrate intrusion prevention system(IPS) superior invasion examination and defense capability.It enables the IPS system not only to examine the malicious activity also to entrap the malicious attack.When examining the malicious act,it can warn network administrator immediately and guide the malicious act to Honeypot.By the interaction with malicious act,it can record its behavior,the invasion method and channel,provide the network administrator renewal to patch the system,reduce the system loophole and promote security largely. |
| |
| Keywords: | diskless remote boot in Linux(DRBL) Honeypot system intrusion prevention system(IPS) |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《上海交通大学学报》浏览原始摘要信息 |
|
点击此处可从《上海交通大学学报》下载全文 |
