Active Defense Security Model in the Application of Network Deception System Design
- 10.2991/isccca.2013.202How to use a DOI?
- Active defense, security model, network deception, honeypot, linkage
As the traditional network defense is built on intrusion detection and passive protection, which is weak at dynamic response. The network deception technology in active protection is analyzed, and a network deception system based on active security model is proposed in this paper. This system implements a visual service of Honeypot as bait, analyses intrusion data and extracts new features and rules to enlarge the intrusion detection system feature library. The defense policies could be delivered real-time by management center. The problems of false alarm and leaking alarm for firewall or IDS are improved. And the limitations of single technology on the cooperation are overcome by linkage of Honeypot, firewall, IDS and router. The efficiency of unknown intrusion detected is increased.
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Jiawei Du AU - Xing Zhang AU - Ying Zhou AU - Yongqiang Bai PY - 2013/02 DA - 2013/02 TI - Active Defense Security Model in the Application of Network Deception System Design BT - Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation (ISCCCA 2013) PB - Atlantis Press SP - 804 EP - 806 SN - 1951-6851 UR - https://doi.org/10.2991/isccca.2013.202 DO - 10.2991/isccca.2013.202 ID - Du2013/02 ER -