中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/83973
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 78937/78937 (100%)
造访人次 : 39425462      在线人数 : 468
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/83973


    题名: TPSH: A Mechanism to Transform a Productive System to a Honeypot
    作者: 石明裕;Shih, Ming-Yu
    贡献者: 資訊工程學系
    关键词: Snort;蜜罐;虛擬機遷移;Snort;Honeypot;VM Migration
    日期: 2020-07-23
    上传时间: 2020-09-02 17:48:38 (UTC+8)
    出版者: 國立中央大學
    摘要: 傳統上,企業大多採取防火牆、入侵偵測系統和防毒軟體這一類的被動式防禦,這些防禦措施通常是仰賴既有的規則,針對已知的攻擊型態進行防禦,如果遇到從未出現過的新型態攻擊,這些防禦就會形同虛設一般。

      蜜罐(Honeypot)是近年來興起的一種主動式防禦,透過模擬一個網路服務或有漏洞的環境,吸引攻擊者來入侵,藉此收集攻擊者入侵機器的資訊。透過這些資訊,可以了解攻擊者所使用的攻擊手法,並針對現有防護中較為脆弱的部分進行補強。

      然而,現有的蜜罐卻有一些限制,例如,攻擊者可能會察覺蜜罐的存在、蜜罐收集的資訊不夠貼近真實情況、佈建無生產力的蜜罐需要消耗額外的資源等等。

      本篇論文整合了入侵偵測系統、蜜罐以及虛擬機遷移機制,將一個生產系統轉換成一個蜜罐,能夠克服上述蜜罐現有的限制。;Traditionally, enterprises have adopted passive defenses such as firewalls, intrusion detection systems and anti-virus software. These defenses usually rely on established rules to defend against known attack patterns. Faced with a new type of attack that has never appeared, these defenses will be completely useless.

      Honeypot is an active defense that has emerged in recent years. By emulating a network service or a vulnerable environment, it attracts attackers to invade, thereby collecting information about attackers invading machines. Through this information, enterprise can understand the attack methods used by attackers and strengthen the weaker parts of the existing protection.

      However, the existing honeypots have some limitations. For example, an attacker may detect the existence of honeypots, the information collected by honeypots is not close enough to the real situation, and the deployment of an unproductive honeypot requires additional resources.

      This paper integrates intrusion detection system, honeypot and virtual machine migration mechanism to transform a productive system into a honeypot, which can overcome the existing limitations of honeypots.
    显示于类别:[資訊工程研究所] 博碩士論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    index.html0KbHTML162检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明