{"title":"云环境下的弹性混合蜜网","authors":"Nguyen Khac Bao, S. Ahn, Minho Park","doi":"10.5121/CSIT.2018.81809","DOIUrl":null,"url":null,"abstract":"When low-interaction honey net systems are not powerful enough and high-interaction honey net systems require a lot of resources, hybrid solutions offer the benefit’s of both worlds. Affected by this trend, more and more hybrid honey net systems have been proposed to obtain wide coverage of attack traffic and high behavioral ideality in recent years. However, these system themselves contain some limitations such as the high latency, the lack of prevention method for compromised honey pots, the waste of resources and the finger printing problem of honey pot that hinder them to achieve their goals. To address these limitations, we propose a new honey net architecture called Efficient Elastic Hybrid Honey net. Utilizing the advantages of combining SDN and NFV technologies, this system can reduce the response time for attack traffic, isolate compromised honey pots effectively, defeat the finger printing problem of honey pots, and optimize the resources for maintenance and deployment. Testing our system with real attack traffic, the results have showed that Efficient Elastic-Hybrid Honey net system is not only practical, but also very efficient.","PeriodicalId":72673,"journal":{"name":"Computer science & information technology","volume":" ","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2018-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"AN ELASTIC-HYBRID HONEYNET FOR CLOUD ENVIRONMENT\",\"authors\":\"Nguyen Khac Bao, S. Ahn, Minho Park\",\"doi\":\"10.5121/CSIT.2018.81809\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"When low-interaction honey net systems are not powerful enough and high-interaction honey net systems require a lot of resources, hybrid solutions offer the benefit’s of both worlds. Affected by this trend, more and more hybrid honey net systems have been proposed to obtain wide coverage of attack traffic and high behavioral ideality in recent years. However, these system themselves contain some limitations such as the high latency, the lack of prevention method for compromised honey pots, the waste of resources and the finger printing problem of honey pot that hinder them to achieve their goals. To address these limitations, we propose a new honey net architecture called Efficient Elastic Hybrid Honey net. Utilizing the advantages of combining SDN and NFV technologies, this system can reduce the response time for attack traffic, isolate compromised honey pots effectively, defeat the finger printing problem of honey pots, and optimize the resources for maintenance and deployment. Testing our system with real attack traffic, the results have showed that Efficient Elastic-Hybrid Honey net system is not only practical, but also very efficient.\",\"PeriodicalId\":72673,\"journal\":{\"name\":\"Computer science & information technology\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-12-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer science & information technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5121/CSIT.2018.81809\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer science & information technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5121/CSIT.2018.81809","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
When low-interaction honey net systems are not powerful enough and high-interaction honey net systems require a lot of resources, hybrid solutions offer the benefit’s of both worlds. Affected by this trend, more and more hybrid honey net systems have been proposed to obtain wide coverage of attack traffic and high behavioral ideality in recent years. However, these system themselves contain some limitations such as the high latency, the lack of prevention method for compromised honey pots, the waste of resources and the finger printing problem of honey pot that hinder them to achieve their goals. To address these limitations, we propose a new honey net architecture called Efficient Elastic Hybrid Honey net. Utilizing the advantages of combining SDN and NFV technologies, this system can reduce the response time for attack traffic, isolate compromised honey pots effectively, defeat the finger printing problem of honey pots, and optimize the resources for maintenance and deployment. Testing our system with real attack traffic, the results have showed that Efficient Elastic-Hybrid Honey net system is not only practical, but also very efficient.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
