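Research on Malicious Code Capture Technology
Topic: network security + malicious code; Reference: Beijing University of Posts and Telecommunications, 2014 master's thesis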
[Abstract]: With the emergence of Internet technology, society has gradually entered the network era. The spread of networks has promoted the dissemination of information and accelerated the pace of social development. As Internet technology has flourished, the number of Internet users has grown rapidly, and the application of various Internet technologies has brought many conveniences to people's lives. At the same time, Internet security problems have also been exposed, and the threat of malicious code is particularly prominent.

This thesis studies malicious code capture based on honeypot technology. First, it gives an overview of honeypot technology. According to the means by which a honeypot captures malicious code and the degree to which it interacts with network attacks, honeypots are divided into high-interaction honeypots and low-interaction honeypots. Typical honeypots are analyzed in detail, covering their technical principles, workflows and structure.

The thesis then proposes a malicious code capture scheme that combines the two classes of honeypot. By analyzing and comparing the advantages and shortcomings of high-interaction and low-interaction honeypot technology, and by studying and analyzing the propagation methods of current mainstream malicious code, it proposes a capture scheme that combines high-interaction and low-interaction honeypots with clustered and distributed honeypot deployment. The scheme analyzes the capture approach based on low-interaction honeypots and the capture approach based on high-interaction honeypots separately. For the approach based on high-interaction honeypots, it adds an active malicious code capture technique that uses crawler technology.

Finally, the thesis designs and implements a malicious code capture system based on honeypot technology, and describes the system's framework design and the functions of its main modules. The system was deployed in a local area network and in a campus network for system test experiments. The experimental data are analyzed, and the overall scheme and the system design are analyzed and summarized.
[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08