基于入侵诱骗技术的网络安全系统的研究与实现

【作者】 周光宇；

【导师】 王果平；

【作者基本信息】 中南大学 ， 计算机技术， 2007， 硕士

【摘要】 随着计算机技术尤其是网络技术的发展，计算机系统已经从独立的主机发展到复杂的、互联的开放式的系统，这给人们在信息利用和资源共享上带来了便利，但是这种发展也带来了越来越多的网络安全问题。计算机安全的3大中心目标是保密性(Confidentiality)、完整性(Integritiy)、可用性(Availability)。长期以来，人们在实现这3大目标的过程中进行了不断的探索和研究。最早提出的是采用访问控制机制来保证系统安全的计算机安全模型，随后发展起来的是防火墙技术，这些技术降低了网络安全的隐患，但是以上的几种安全策略都是属于静态的安全防御技术，对网络环境下日新月异的攻击手段缺乏主动的反应，无法得知入侵者真正的入侵手段。本课题研究入侵诱骗技术，从新的角度去解决网络安全问题，通过建立一个或多个陷阱网络，牵制和转移黑客的攻击，对黑客入侵方法进行技术分析，对网络入侵进行取证甚至对入侵者进行跟踪。本课题针对湖南建材高等专科学校的校园网络环境，利用蜜罐技术和snort入侵检测软件建立一套入侵诱骗系统，并与湖南长沙博华科技有限公司的博华网龙千兆防火墙YG-FWS-NP和博华网龙入侵检测系统YG-IDS-S配合，共同搭建了校园网安全系统，实现了与其他技术更紧密的集成和协作。本系统具备了一定的早期预警和预测功能，Honeypot不仅能够检测出新的攻击趋势，还能捕获新的攻击工具。这些信息都可用作早期的预警。经过半年多的实际运行，证明该系统在校园网安全管理方面有较好的作用，特别是对防止内部攻击有较好的效果。更多还原

【Abstract】 As the computer technology developing especially network ,Thecomputer system has developed involvedv, connected and opened systemfrom the unaid mainframe, That brings more expedience for people makeuse of message and resources in common ,But also brings more networksecurity problems.The three center destination of computer security isconfidentiality、integrity、availability.Since long time,in realizes in thisthree center destination process to carry on the exploration and theresearch.Most early proposes is uses the access control mechanism toguarantee the system security of computer security model,Afterwards thefirewall technology is developing, That reduced the hidden dager ofnetwork,but above of all is belongs to static thesafe defense technology, Itis lacks the initiative response for the network attack now, So it unable toknow the invasion method from the intruder.This topic to reseach the intrusion deception technique, that solves thenetwork security problem by a new way, establishes one or many traps, todivert and to shift hacker’s attack, Then to analysis the hacker’s attack,we can tracing and getting the evidence.This topic in view of the network environment of HUNAN BuildingMaterial college,using the HoneyPot technology and snort intrusiondetection software establish the intrusion deception technique system,With HuNan province ChangSha BoHua science company’sYG-FWS-NP and YG-IDS-S,build university network security system incommon, with other technology more tightly integrated and cooperateclosely came ture.This system have certain early warning and forecastfunction,HoneyPot not only check up new attack trends,also can catch thenew attack tool.These Messages were used for early warning.This systemhave actual operated half a year, have shown that had a positive effect inuniversity network security management, especially have a very goodeffect in prevent inside attack.更多还原