CAJ | 학술논문

全文分析了蠕虫病毒的危害和特征,提出一种自定义蜜罐系统的设计：结合入侵检测、虚拟蜜罐和数据挖掘技术,把自定义蜜罐置于DMZ中,利用欺骗地址空间技术捕获已知蠕虫,延缓未知蠕虫的扫描速度,并对相关日志进行数据挖掘,更新入侵检测系统的规则集,以便在遭受后续攻击时做出响应。探讨了自定义蜜罐系统在抵御蠕虫病毒攻击中的可行性和应用实现。
전문분석료연충병독적위해화특정,제출일충자정의밀관계통적설계：결합입침검측、허의밀관화수거알굴기술,파자정의밀관치우DMZ중,이용기편지지공간기술포획이지연충,연완미지연충적소묘속도,병대상관일지진행수거알굴,경신입침검측계통적규칙집,이편재조수후속공격시주출향응。탐토료자정의밀관계통재저어연충병독공격중적가행성화응용실현。
Full text analyzes the characteristics and harm of worm virus, and put forward a kind on custom honeypot system design： according to the intrusion detection, virtual honeypot and data mining technolog, put the custom honeypot into the DMZ, using guile address space technology capture known worms, delay the unknown worms scanning speed, and analyzes the log by data mining, update the intrusion detection system rules set, and make timely response and take measures in the subsequent attack. Discusses the custom honeypot system against the worm virus attack in the feasibility and the application implementation.