| 抵御蠕虫攻击的一种方法-Honeypot系统 |
| |
| 引用本文: | 黄敏. 抵御蠕虫攻击的一种方法-Honeypot系统[J]. 西南科技大学学报, 2005, 20(2): 10-12,22 |
| |
| 作者姓名: | 黄敏 |
| |
| 作者单位: | 西南科技大学网络信息中心,四川,绵阳,621002 |
| |
| 摘 要: | Internet大面积遭受蠕虫攻击的事件时有发生,针对这种问题,引入Honeypot技术,结合入侵检测系统(IDS)、数据挖掘提出了一种解决办法:将Honeypot置于DMZ中,利用其欺骗地址空间技术覆盖服务器中没有用到的IP地址,捕获蠕虫;IDS监控流入网络的数据包,对入侵作出反映;系统日志异地保存。该系统能有效抵御目前已经出现的蠕虫攻击,同时对新出现的目前未知的蠕虫攻击也有很好的防御效果。
|
| 关 键 词: | 密罐 数据挖掘 入侵检测 蠕虫病毒 |
| 文章编号: | 1671-8755(2005)02-0010-03 |
Honeypot System to Defend Worm Attacks |
| |
| Huang Ming. Honeypot System to Defend Worm Attacks[J]. Journal of Southwest University of Science and Technology, 2005, 20(2): 10-12,22 |
| |
| Authors: | Huang Ming |
| |
| Abstract: | Recentely, more and more worm attacks happen on Internet. According to this situation, honey-pot technology with IDS and data mining is used to resolve the problem; Honeypot is put in DMZ. The address and space spoofing technology is utilized to cover the unused IP address and space. Then the worms are captured. IDS monitors the data pachet that flows into the internet, and then reacts to the attacks. The system log keeps it in other places. This new approach could defend present known worm attacks effectively, and have effect on some future unknown work attacks. |
| |
| Keywords: | Honeypot data mining intrusion detecion worm virus |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
