| 蜜罐识别技术研究 |
| |
| 引用本文: | 沈铭,薛质,王轶骏.蜜罐识别技术研究[J].信息安全与通信保密,2011(5):91-93. |
| |
| 作者姓名: | 沈铭 薛质 王轶骏 |
| |
| 作者单位: | 上海交通大学信息安全工程学院,上海,200240 |
| |
| 摘 要: | 蜜罐技术是一种欺骗入侵者以达到采集黑客攻击方法和保护真实主机目标的诱骗技术,它的核心价值在于被探测、被攻击或者被威胁,以此达到对这些攻击活动的检测与分析,从而了解攻击者的目的、攻击手段甚至于心理习惯,最终实现从观察攻击者的行为中学习到深层次的信息保护的方法。在蜜罐技术的应用过程中,最为关键的一点就是蜜罐系统对攻击者所具有的迷惑性。从蜜罐系统特有的系统特征、硬件特征以及网络特征出发,分析各种蜜罐系统或者虚拟机系统中可能存在的一些可识别的特性,提出一些识别方案并针对部分方法进行了编程识别,希望能够引起安全行业的重视,能够推动蜜罐技术的发展。
|
| 关 键 词: | 蜜罐 虚拟机 探测 识别 |
Study on Honeypot Detection Technology |
| |
| SHEN Ming,XUE Zhi,WANG Yi-jun.Study on Honeypot Detection Technology[J].China Information Security,2011(5):91-93. |
| |
| Authors: | SHEN Ming XUE Zhi WANG Yi-jun |
| |
| Affiliation: | SHEN Ming,XUE Zhi,WANG Yi-jun(Institute of Information Security Engineering,Shanghai Jiaotong University,Shanghai 200240,China) |
| |
| Abstract: | Honeypot technology is employed to trap attacks,thus to collect the attack information and protect the real host.The core value of the honeypot lies in being detected,attacked and threatened,with this,the people could analyze the attack,know its attack purpose,means and strategies,and finally learn in-depth information protection methods.In the application of honeypot technology,the most important point is the misleading of the attackers.This paper analyzes the identifiable points of the honeypot and virtua... |
| |
| Keywords: | honeypot virtual machine detection identification |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
