检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:高奇 贡晓静[2] 黄蕊 黄承麟 周深永 Gao Qi;Gong Xiaojing;Huang Rui;Huang Chenglin;Zhou Shenyong(Guangxi Financial Information Management Center,Nanning 530021,China;Guangxi Police College,Nanning 530028,China;Guangxi Sifang Huitong Talent Service Co.,Ltd.,Nanning 530021,China;Guangxi Haohua Technology Co.,Ltd.,Nanning 530022,China)
机构地区:[1]广西财政信息管理中心,广西南宁530021 [2]广西警察学院,广西南宁530028 [3]广西四方汇通人才服务有限责任公司,广西南宁530021 [4]广西昊华科技股份有限公司,广西南宁530022
出 处:《无线互联科技》2024年第9期126-128,共3页Wireless Internet Technology
摘 要:由于传统日志分析、入侵检测等溯源方法主要通过事后分析来追溯攻击源头,难以满足攻防对抗场景对溯源工作的快速、准确的要求,文章提出基于蜜罐技术的攻防对抗场景下网络攻击诱捕溯源方法。在攻防对抗场景中部署蜜罐诱捕攻击者实施网络攻击,并收集攻击流量数据,把每一个攻击端和防护端的流量数据归为多个簇,对簇进行匹配判断攻击流量的发送源,实现攻防对抗场景下网络攻击诱捕溯源。实验结果表明,该方法在攻防对抗场景下可以准确提供网络攻击端的IP地址信息,具有较高的可靠性。Since the traditional traceability methods such as log analysis,intrusion detection and so on mainly trace the source of attack through post-hoc analysis,it is difficult to meet the requirements of rapid and accurate traceability of attack and defense confrontation scenes,and the network attack trapping tracing method based on honeypot technology is proposed.In the attack and defense confrontation scenario,honey tanks are deployed to trap attackers to carry out network attacks,and collect attack traffic data,classify the traffic data of each attack end and protection end into multiple clusters,matching the clusters to judge the sending source of attack traffic,so as to realize the traceability of network attack trapping in the attack and defense confrontation scenario.The experimental results show that the design method can provide the IP address information of the network attack end accurately in the attack and defense confrontation scenarios,with high reliability.
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.49