Advances in Honeypot Technology Research and Application  Cited by: 86

Honeypot Technology Research and Application


Authors: Zhuge Jianwei[1,2], Tang Yong[3], Han Xinhui[4], Duan Haixin[1,2]

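Affiliations: [1] Tsinghua National Laboratory for Information Science and Technology (Tsinghua University), Beijing 100084; [2] Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing 100084; [3] School of Computer, National University of Defense Technology, Changsha, Hunan 410073; [4] Institute of Computer Science and Technology, Peking University, Beijing 100871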

Source: Journal of Software (《软件学报》), 2013, Issue 4, pp. 825-842, 18 pages in total

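Funding: National Natural Science Foundation of China (61003127; 61003303); National Key Basic Research and Development Program of China (973 Program) (2009CB320505); National 242 Information Security Program (2011A40)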

Abstract: A honeypot is a proactive defense technology introduced by defenders to change the asymmetry of the network attack-and-defense game. By deploying honeypots, i.e. security resources without any production purpose, defenders lure attackers into using them illegally, so that attack behavior can be captured and analyzed, attack tools and methods understood, and attack intentions and motivations inferred. Honeypot technology has won the sustained attention of the security community, has made considerable progress and found wide application, and has become one of the main technical means of Internet security threat monitoring and analysis. This paper first presents the origin and evolution of honeypot technology. Next, it comprehensively analyzes the state of research on the key mechanisms of honeypot technology, reviews the development of honeypot deployment structures, and summarizes the latest applications of honeypot technology in Internet security threat monitoring, analysis and prevention. Finally, the problems of honeypot technology, its development trends and further research directions are discussed.

Keywords: network security; honeypot; honeynet; honeyfarm; threat monitoring; malicious code

Classification number: TP309 [Automation and Computer Technology: Computer System Architecture]

 
