|
|
计算机应用研究 2009
Honeynet-based network security defense model
|
Abstract:
Though honeynet, which is based on an active defense, has overcome some of the shortcomings of traditional techniques, invaders can still attack the inner and outer networks through Honeynet, so there are still many insecure factors in honeynet. This paper proposed an active defense technology based on honeynet. Using DMZ (demilitarized zone) and two firewalls to prevent the inner network from being invaded, and using NIDS(network intrusion detection system) and flow control to prevent the outer network from being attacked. By this means, solved many problems both in the traditional network security model and honeynet.
