Traceability method of network attack and trapping based on honeypot technology
Since the traditional traceability methods such as log analysis,intrusion detection and so on mainly trace the source of attack through post-hoc analysis,it is difficult to meet the requirements of rapid and accurate traceability of attack and defense confrontation scenes,and the network attack trapping tracing method based on honeypot technology is proposed.In the attack and defense confrontation scenario,honey tanks are deployed to trap attackers to carry out network attacks,and collect attack traffic data,classify the traffic data of each attack end and protection end into multiple clusters,matching the clusters to judge the sending source of attack traffic,so as to realize the traceability of network attack trapping in the attack and defense confrontation scenario.The experimental results show that the design method can provide the IP address information of the network attack end accurately in the attack and defense confrontation scenarios,with high reliability.
honeypot technologyattack and defense confrontation scenariosnetwork attack
NETL
NSTL
万方数据
