Honeynet protection method and system

A honeynet and business system technology, applied in the field of network security, can solve the problem that the honeynet system is easy to be discovered by attackers, and cannot realize the concealment protection and forensics of the honeynet, so as to increase the business network overhead, be difficult to discover, The effect of improving concealment

Active Publication Date: 2017-11-21
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF4 Cites 32 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, in the existing technology, when the honeynet system is constructed, only the simulation of the business system is considered, that is, the honeynet system can provide the response and interaction of the business logic like the real business system, but the network adopts a method different from that of the business system. For advanced intrusion threats, the honeynet system is easy to be discovered by attackers, and the honeynet concealment protection and evidence collection cannot be achieved.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Honeynet protection method and system
  • Honeynet protection method and system
  • Honeynet protection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The following will clearly and completely describe the technical solutions in the embodiments of the present invention in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0044] In order to further improve the concealment of the honeynet system, in the embodiment of the present invention, when abnormal data traffic is detected, a virtual honeynet system is created, and the business of the business system corresponding to the destination address of the virtual honeynet system and the abnormal data traffic access is guaranteed The logic is consistent with the network configuration, and when it is determined to be a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the field of network security, and especially relates to a Honeynet protection method and system. The method includes the following steps: detecting whether the data traffic entering a business system is abnormal; after detecting abnormal data traffic, creating a virtual Honeynet system according to a business system corresponding to a destination address accessed by the abnormal data traffic; and carrying out network configuration on the virtual Honeynet system according to the network configuration of the business system, and scheduling the abnormal data flow to the virtual Honeynet system. The virtual Honeynet system consistent with the business service of the business system is created, and network configuration is carried out on the virtual Honeynet system. The consistency between the virtual Honeynet system and the business system in business logic and network configuration is ensured, the virtual Honeynet system is more concealed, and attack seduction and forensic analysis are more concealed and less detectable to attackers. Moreover, the deployment is relatively simple, and the method and the system can be quickly deployed to an SDN (Software Defined Network) to achieve security protection without increasing the overhead of the business network.

Description

technical field [0001] The invention relates to the field of network security, in particular to a honeynet protection method and system. Background technique [0002] Honeynet is a new type of trapping network system gradually developed on the basis of honeypots, and it is an active defense method proposed by the offensive and defensive players in a passive environment. With the continuous development of virtualization technology, more and more people pay attention to the dynamic virtual honeynet. The virtual honeynet can dynamically plan and build the honeynet according to the attacker's access behavior, and can attack and deceive more quickly. And analyze the attack behavior. [0003] The realization of a dynamic virtual honeynet is inseparable from the accurate simulation of the business network and the flexible scheduling of traffic. With the continuous maturity of software-defined networking (Software Defined Networking, SDN) technology, its logically separated contro...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1466H04L63/1491
Inventor 江国龙刘文懋梁琼瑶
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap