A high-interaction ssh honeypot implementation method

An implementation method and high-interaction technology, applied in transmission systems, electrical components, etc., can solve the problems of low interaction of medium and low-interaction SSH honeypots, update and change SSH attacks, and insufficient decoy, so as to improve the value of honeypots, The effect of reducing complexity and facilitating intuitive observation

Active Publication Date: 2021-09-17
HOHAI UNIV
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The technical problem to be solved by the present invention is to overcome the defects of the prior art, provide a kind of SSH attack that can solve the passive defense technology that cannot be continuously updated due to the bottom of the valley, and the interaction degree of the medium and low interaction SSH honeypot is not high and the deception is insufficient. A high-interaction SSH honeypot implementation method to improve the security defense capability of the SSH service by being easily seen through and other defects

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A high-interaction ssh honeypot implementation method
  • A high-interaction ssh honeypot implementation method
  • A high-interaction ssh honeypot implementation method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0030] Such as figure 1 and figure 2 As shown, a kind of highly interactive SSH honeypot implementation method provided by the present invention: comprises the following steps:

[0031] Step 1: Try to connect to the SSH port of the system to determine whether there is SSH service, if there is SSH service, go to step 2.

[0032] Step 2: Use the logit function and the authctxt structure in OpenSSH to capture the authenticated username / password during password identity authentication. The specific operation steps are: (1) decrypt the password information on the server; (2) store the password in the authctxt structure (3) record the user name and password in the authctxt structure through the log...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a high-interaction SSH honeypot implementation method, comprising the following steps: connecting the system SSH port, judging whether there is SSH service, and entering the next step with the SSH service; using the logit function and the authctxt structure in OpenSSH in Capture the authenticated user name / password during password authentication; after the password authentication is successful, use the SSH service to process the client data through the pipeline and the user processing interactive session module, and modify the relevant module code to complete the shell Record passwords; control the outgoing flow of the honeypot system, including the two processes of external data packet restriction and external attack packet suppression; use javaweb technology to analyze, process and display the data captured by the honeypot system. A high-interaction SSH honeypot implementation method of the present invention can solve the SSH attack that passive defense technology cannot be continuously updated due to the bottom of the valley, and the low-interaction SSH honeypot has low interaction degree, insufficient deception, and is easy to be seen through. Improve the security defense capability of the SSH service.

Description

technical field [0001] The invention specifically relates to a high-interaction SSH honeypot implementation method, which belongs to the technical field of active defense in network information security. Background technique [0002] SSH (Secure Shell) can be used for remote login sessions and provide security services for other network services, and has become an indispensable part of corporate life. With the widespread use of this protocol, there are more and more malicious attacks against this service, which poses a huge challenge to network security. Nowadays, how to deal with malicious attacks against the service and take appropriate protective measures has become an important research topic in SSH service security. According to the attacker's habit of invading the system through the SSH service, real-time monitoring and capture of the attacker's behavior during the attack process, and the extracted intrusion behavior to understand the attack method used by the attacke...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/083H04L63/1416H04L63/1491H04L63/168
Inventor 石爱业丁日升
Owner HOHAI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap