摘要(英) |
The technique of Internet attack is always changing, so making the internet security faces an ever harsher challenge. We have to adjust the attitude from passive defense to promoting active and positive defense. By collecting the information of attacks and analyzing the information and methods of the attackers, this will enhance the ability of defenders to effectively discourage and further to counter malicious internet attacks.
Honeypot is a representative of positive information security defense system (mainly for the current common web threats, such as drive-by download, malicious websites, web tampering, and remote attacks), which provides a mechanism to detect and counter attacks. Some foreign security companies are building similar systems, but few domestic security companies have built such systems. In recent years, the largest Internet Service Provider (ISP) in Taiwan – ChungHwa Telecom built a successful Honeypot, thus motivating this study.
This thesis investigates how ChungHwa Telecom has successfully built a Honeypot system. The study applies the case study method and interviews four experts in building this Honeypot in the different groups. In order to investigate the background of problems encountered and solutions implemented, this study analyzes the tangible and intangible benefits of this system. Finally, the study summarizes the critical success factors for building this system. In addition to full support of top management and sufficient budget, an excellent building team, the company’s heavy network traffic, and widely distributed network nodes, coupled with the maturity of virtualization technology and the help of high-performance hardware, all are critical factors for the successful implementation of the Honeypot system,. This study can provide some guidelines for other companies when building a Honeypot system.
|
參考文獻 |
【中文文獻】
1. Bigelow, S. J. 著、李哲賢譯(2010),「為資料中心選擇下一代虛擬伺服器」,虛擬數據中心期刊2010年6月刊,2010年6月。
2. Yin, R. K. 著、尚榮安譯(2001),「個案研究法 (COSMOS Corporation)」,弘智文化事業,2001年。
3. 大前研一著、黃宏義譯(1985),「策略家的智慧」,長河出版社,1985年。
4. 吳永彬(2007),「網際網路惡意網站偵測機制之研究」,國立高雄第一科技大學資訊管理所碩士論文,2007年6月。
5. 吳思華(1988),「產業政策與企業策略」,中國經濟企研所,1988年。
6. 孟德芸(1992),「企業成功關鍵因素之研究-以個人電腦產業為實證」,國立中興大學企管研究所碩士論文,1988年6月。
7. 邱憶惠(1999),「個案研究法:質化取向」,國立高雄師院大學教育學系教育研究期刊第7期,1999年,頁113-127。
8. 孫學智(2008),「整合誘捕與弱點檢測技術之入侵偵測機制」,大葉大學資訊管理學系碩士在職專班,2008年6月。
9. 殷子江、顧躍舉、譚敏(2007),「Honeypot技術研究」,網絡安全技術與應用,第七十四期,2007年,頁38-41。
10. 陳慶得(2001),「連鎖式經營關鍵成功因素之探討-以美語補習業為例」,淡江大學管理科學研究所碩士論文,2001年6月。
11. 陶德文(2011),「打造虛實結合的IT架構」,虛擬數據中心期刊2010年6月刊,2010年6月。
12. 賴明豐(2007),「蜜罐技術的分析與應用」,資通安全分析專論,2007年。
【英文文獻】
1. Aaker, D. A. (1984) , “Strategic Market Management,” John Wiley and Son Published. New York, 1984, pp.27-35.
2. Daniel, R. D. (1961) , “Management Information Crisis,” Harvard Business Review. Sep-Oct, 1961.
3. DeLone, W. H. & McLean, E. R. (2003) , “The DeLone and McLean Model of Information Systems Success: A Ten-Year Update, ” Journal of Management Information Systems, 19(4) , pp.9-30.
4. Gupta, N. (2003) , “Improving the Effectiveness of Deceptive Honeynets through an Empirical Learning Approach,” School of Computer and Information Science Edith Cowan University, Australia, 2003.
5. Heizer, J. & Render, B. (2001) , “Operations Management,” Prentice Hall, sixth edition, 2001, pp.292-294.
6. Provos, N. (2003), “A virtual honeypot framework,” Technical Report, 03-1, Center of Information Technology Integration, University of Michigan.
7. Rockart, J. F. (1979) , “Chief Executives Define Their Own Date Needs,” Harvard Business Review (Mar-Apr) , pp.86-87.
8. Schoemaker, Paul J. H. (2002) , “Profiting from Uncertainty,” Free Press, 2002.
9. Stoll, C. (1990) , “The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage,” America, Pockets Books.
10. Wixom, B. H. & Watson, H. J. (2001) , “An Empirical Investigation of the Factors Affecting Data Warehousing Success,” MIS quarterly, Vol.25, No.1, pp.17-41.
【網站文獻】
1. Cohen, F. (1997) , Deception Tool Kit, (Accessed 2011/1/7, available http://all.net/contents/dtk.html)
2. Computer Security Institute (2009) , “CSI Computer Crime and Security Survey,” (Accessed 2010/12/7,available http://gocsi.com/survey)
3. 中華電信SOC365網站(2011),「HiNet 整體威脅趨勢分析」, (Accessed 2011/2/7, available http://soc365.hinet.net/portal.php)
4. 中華電信公司網頁(2010),「中華電信公司組織系統圖及各分公司工作職掌表」, (Accessed 2011/3/7, available at http://www.cht.com.tw/CompanyCat.php?CatID=528)
5. 中華電信公司網頁(2011),「中華電信公布99年自結合併營運成果」, (Accessed 2011/3/7, available http://www.cht.com.tw/CompanyCat.php?CatID=4&NewsID=4253&Page=HotNewsDetail)
6. 中華電信公司網頁(2011),「中華電信股份有限公司主要業務客戶數狀況表」, (Accessed 2011/3/7, available http://www.cht.com.tw/CompanyCat.php?CatID=241)
7. 內政部行政警察局科技犯罪防制中心(2006),「僵屍電腦肆虐,台灣網路受害全球高居第六」, (Accessed 2011/1/7, available http://www.cib.gov.tw/news/news02_2.aspx?no=261)
8. 台灣Honeypot Project,http://www.honeynet.org.tw/
9. 國家通訊傳播委員會(2010),「固網業者之市占率」, (Accessed 2011/4/28, available http://www.ncc.gov.tw/chinese/files/11041/1994_19853_110414_1.pdf)
10. 國際Honeypot Project,http://www.honeynet.org/
11. 賽門鐵克公司網頁(2009),「網路安全威脅研究報告」, (Accessed 2011/1/7, available http://www.symantec.com/zh/tw/business/theme.jsp?themeid=threatreport)
12. 賽門鐵克公司網頁(2010),「網路安全威脅研究報告」, (Accessed 2011/1/7, available http://www.symantec.com/zh/tw/business/theme.jsp?themeid=threatreport)
|