{"title":"基于蜜罐技术的移动通信安全防御方法","authors":"Jia Xu, Yang Guo","doi":"10.1109/ITCA52113.2020.00110","DOIUrl":null,"url":null,"abstract":"In the era of industrial Internet, the development trend of digitization, networking, and intelligence has made more and more industrial control equipment that are originally in a closed environment exposed to the public Internet, facing the threat of attacks from the Internet. Moreover, honeypot is a new type of active defense technology, which attracts hackers to launch attacks by disguising as devices and systems that seem to be valuable. After capturing and analyzing the attack behavior, it understands the attack tools and methods, and guesses the attacker’s intention and motivation. Based on the utilization of an unsupervised clustering algorithm, an information classification method is proposed in the paper. First, honeypots attack behaviors are captured with high and low interaction. Then, through redirection technology, normal access requests are forwarded to the real server for processing, and abnormal accesses are forwarded to the honeypot virtual machine to deal with. Finally, by selecting traditional tools for comparative testing, the experiment proves that the algorithm proposed in the paper can well defend and monitor as well as discover the behavior and information of the above attack events.","PeriodicalId":103309,"journal":{"name":"2020 2nd International Conference on Information Technology and Computer Application (ITCA)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Mobile Communication Security Defense Method Based on Honeypot Technology\",\"authors\":\"Jia Xu, Yang Guo\",\"doi\":\"10.1109/ITCA52113.2020.00110\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the era of industrial Internet, the development trend of digitization, networking, and intelligence has made more and more industrial control equipment that are originally in a closed environment exposed to the public Internet, facing the threat of attacks from the Internet. Moreover, honeypot is a new type of active defense technology, which attracts hackers to launch attacks by disguising as devices and systems that seem to be valuable. After capturing and analyzing the attack behavior, it understands the attack tools and methods, and guesses the attacker’s intention and motivation. Based on the utilization of an unsupervised clustering algorithm, an information classification method is proposed in the paper. First, honeypots attack behaviors are captured with high and low interaction. Then, through redirection technology, normal access requests are forwarded to the real server for processing, and abnormal accesses are forwarded to the honeypot virtual machine to deal with. Finally, by selecting traditional tools for comparative testing, the experiment proves that the algorithm proposed in the paper can well defend and monitor as well as discover the behavior and information of the above attack events.\",\"PeriodicalId\":103309,\"journal\":{\"name\":\"2020 2nd International Conference on Information Technology and Computer Application (ITCA)\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 2nd International Conference on Information Technology and Computer Application (ITCA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITCA52113.2020.00110\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 2nd International Conference on Information Technology and Computer Application (ITCA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITCA52113.2020.00110","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Mobile Communication Security Defense Method Based on Honeypot Technology
In the era of industrial Internet, the development trend of digitization, networking, and intelligence has made more and more industrial control equipment that are originally in a closed environment exposed to the public Internet, facing the threat of attacks from the Internet. Moreover, honeypot is a new type of active defense technology, which attracts hackers to launch attacks by disguising as devices and systems that seem to be valuable. After capturing and analyzing the attack behavior, it understands the attack tools and methods, and guesses the attacker’s intention and motivation. Based on the utilization of an unsupervised clustering algorithm, an information classification method is proposed in the paper. First, honeypots attack behaviors are captured with high and low interaction. Then, through redirection technology, normal access requests are forwarded to the real server for processing, and abnormal accesses are forwarded to the honeypot virtual machine to deal with. Finally, by selecting traditional tools for comparative testing, the experiment proves that the algorithm proposed in the paper can well defend and monitor as well as discover the behavior and information of the above attack events.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
