计算机应用研究
APPLICATION RESEARCH OF COMPUTERS
2009, Issue 8, pp. 3012-3014 (3 pages)
王铁方, 李云文, 叶宝生, 杨屹, 律原, 诸立尚
honeynet, honeypot, firewall, intrusion detection
Although honeynet technology, which is based on active defense, has overcome some of the shortcomings of traditional techniques, intruders can still attack the inner and outer networks through the honeynet, so the honeynet itself still has many insecure factors. This paper proposes an active defense technology based on honeynet: a DMZ (demilitarized zone) and two firewalls prevent the inner network from being invaded, and a NIDS (network intrusion detection system) and flow control prevent the outer network from being attacked. In this way, it solves many problems in both the traditional network security model and the honeynet.