Unlock instant, AI-driven research and patent intelligence for your innovation.

Honeynet dynamic configuration strategy generation method, configuration method and storage medium

A dynamic configuration and honeynet technology, applied in the field of network security, can solve problems such as lack of intelligence and dynamics, attacker restrictions, honeynet deception, etc., and achieve the effect of improving intelligence and camouflage and deception capabilities

Active Publication Date: 2022-05-13
NAT UNIV OF DEFENSE TECH
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The invention provides a honeynet dynamic configuration strategy generation method, a configuration method and a storage medium to solve the problem that the existing honeynet dynamic configuration scheme is insufficient in intelligence and dynamics, and the ability of the honeynet to deceive attackers is severely limited

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Honeynet dynamic configuration strategy generation method, configuration method and storage medium
  • Honeynet dynamic configuration strategy generation method, configuration method and storage medium
  • Honeynet dynamic configuration strategy generation method, configuration method and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] Such as figure 1 , figure 2 As shown, the present embodiment provides a honeynet dynamic configuration strategy generation method, including:

[0048] S1: Construct a security knowledge graph containing honeynet dynamic configuration strategies.

[0049] Specifically, the security knowledge graph constructed by the present invention is a knowledge graph in the field of network security oriented to honeynet configuration, which involves six dimensional ontologies, namely:

[0050] G=

[0051] They are the node dimension EN, the network dimension EW, the vulnerability dimension V, the attack behavior dimension AT, the attack mode dimension AM, the honeynet policy dimension S, and the relationship set R between each dimension. Among them, the node dimension and network dimension correspond to the business and equipment in the honeypot network field. The node dimension uses the IP address as the only primary key, and also records such as deployed services, installed sof...

Embodiment 2

[0069] This embodiment provides a honeynet dynamic configuration method, including:

[0070] Adopt the honeynet dynamic configuration strategy generating method as described in embodiment 1 to generate the honeynet dynamic configuration strategy;

[0071]According to the generated honeynet dynamic configuration strategy, the honeynet and the attributes of each honeypot node in the honeynet are dynamically configured, so that the state of the honeynet can meet the current security situation requirements, so as to achieve the effect of camouflage.

[0072] Preferably, the method further includes: acquiring dynamically configured honeynet data and feeding it back to the security knowledge graph, and iteratively correcting the security knowledge graph.

Embodiment 3

[0074] This embodiment provides a computer-readable storage medium, which stores a computer program, and when the computer program is loaded by a processor, implements the honeynet dynamic configuration policy generation method as described in Embodiment 1.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a Honeynet dynamic configuration strategy generation method, a Honeynet dynamic configuration strategy configuration method and a storage medium. The generation method comprises the following steps: constructing a security knowledge graph containing a Honeynet dynamic configuration strategy; acquiring state and event information in the service network and the honeynet; sensing a security situation based on the security knowledge graph and the acquired state and event information, and predicting a next attack behavior; and obtaining a dynamic configuration strategy of the honeynet based on the security knowledge graph and the predicted next attack behavior. Based on the characteristics extracted by the knowledge graph, different induction strategies can be adopted for various different types of network attacks, so that the flexibility of the dynamic honeynet is improved, the ability of the honeynet to actively decoy an attacker is improved, the honeynet can continuously induce the attacker to deeply attack while the honeynet is not easily found by the attacker, and the safety of the dynamic honeynet is improved. The purposes of delaying, tempting, tracing, evidence obtaining and the like are achieved, and a real target system is protected from being attacked.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a honeynet dynamic configuration strategy generation method, configuration method and storage medium. Background technique [0002] Knowledge Graph is an important direction for the development of artificial intelligence, mainly solving the problem of cognitive intelligence. It was officially proposed by Google on May 17, 2012. The original intention was to optimize Google's search capabilities and improve users' search quality and experience. In addition to realizing semantic understanding, the use of knowledge graphs can also reflect the relationship between entities. In essence, the definition of knowledge graph is "a semantic network (Semantic Network) that reveals the relationship between entities". It consists of pieces of knowledge. The process of knowledge formation includes three steps: knowledge extraction, knowledge representation and knowledge fusion. Each ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40G06F16/36G06F16/901
CPCH04L63/1491H04L63/205H04L63/1433G06F16/367G06F16/9024
Inventor 郑敏娇马宇峰吴波杨勤泗李然张晓孟进
Owner NAT UNIV OF DEFENSE TECH