出版社:Academy & Industry Research Collaboration Center (AIRCC)
摘要:When low-interaction honey net systems are not powerful enough and high-interaction honeynet systems require a lot of resources, hybrid solutions offer the benefit’s of both worlds.Affected by this trend, more and more hybrid honey net systems have been proposed to obtainwide coverage of attack traffic and high behavioral ideality in recent years. However, thesesystem themselves contain some limitations such as the high latency, the lack of preventionmethod for compromised honey pots, the waste of resources and the finger printing problem ofhoney pot that hinder them to achieve their goals. To address these limitations, we propose anew honey net architecture called Efficient Elastic Hybrid Honey net. Utilizing the advantagesof combining SDN and NFV technologies, this system can reduce the response time for attacktraffic, isolate compromised honey pots effectively, defeat the finger printing problem of honeypots, and optimize the resources for maintenance and deployment. Testing our system with realattack traffic, the results have showed that Efficient Elastic-Hybrid Honey net system is not onlypractical, but also very efficient.
关键词:Honey net; Honey pot; Elastic; Hybrid; Software defined Networking; Network Function Virtualization
