Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

CentOS high-interaction honeypot system based on Docker and implementation method thereof

A high-interaction, honeypot technology, applied in the field of Docker-based CentOS high-interaction honeypot system, can solve the problems of less research, low hacker interaction, and difficult to distinguish operations.

Inactive Publication Date: 2020-10-23
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF4 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are few studies on CentOS high-interaction honeypots
Although there are already some open source honeypot technologies based on Docker, which simulate some services of CentOS, these honeypots have several types of defects. First, they are not easy to attract hackers, and second, they have low interaction with hackers. , there may be no hacker entering or the hacker will leave the system after a small amount of operation after entering. Third, the operations of different hackers in the honeypot are not easy to distinguish. These factors will eventually make it difficult to collect effective data for analysis.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • CentOS high-interaction honeypot system based on Docker and implementation method thereof
  • CentOS high-interaction honeypot system based on Docker and implementation method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0024] Such as figure 1 As shown, a Docker-based CentOS high-interaction honeypot system includes:

[0025] Basic service module: Based on the basic CentOS image, a large number of other basic services are deployed to simulate the operating environment of the real host to achieve a high interaction effect. While deceiving the attacker to invade, it increases its own concealment and enables the attacker to stay longer in the system. Long time and not easy to find itself a honeypot. Specifically, it provides basic CentOS services. Mainly, using the convenient deployment feature of Docker, you can freely and effectively configure various services in the honeypot system, increase service categories, and improve the interaction between honeypots and hackers. First use Docker to pull the basic centos7 image as the basic image of this embodiment. After that, all kinds of basic services and vulnerability services are deployed based on this basic image, and various services are instal...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a CentOS high-interaction honeypot system based on Docker, and the system comprises: a basic service module which is used for deploying a large number of other basic services based on a basic CentOS mirror image, so as to simulate the operation environment of a real host, and improve the interactivity between a honeypot and a hacker; a vulnerability service module which isused for remaining common vulnerabilities and increasing the mode of entering the honeypot system while increasing the number of services in the honeypot system, reducing the difficulty of entering the honeypot system, enabling an attacker to enter the honeypot and collecting data of the attacker; and a data aggregation module which is used for analyzing the operation of the attacker after entering the honeypot system, aggregating all the operations performed by the same user in the honeypot system into one session id through a remote IP, a remote port, a process number and an operation time quadruple, analyzing the operation intention of the attack author and tracing an attack path. The invention further provides an implementation method of the CentOS high-interaction honeypot system based on the Docker. The CentOS high-interaction honeypot system based on the Docker plays a role in protecting real host service.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to a Docker-based CentOS high-interaction honeypot system and an implementation method thereof. Background technique [0002] Honeypot technology is a technology to deceive Internet attackers. Generally, it can be considered that a honeypot is an unused but closely monitored network host, which contains false high-value resources and some loopholes to attract intruders to attack the honeypot host in order to protect the real host. At the same time, the honeypot can record all the instructions of the hacker to attack, so as to formulate a means of defense against attacks for use by the real host. Using honeypot technology can resist unknown attacks to a certain extent and enhance the protection ability of the actual system. [0003] Most of the existing honeypot technologies are data analysis technologies of low-interaction honeypots, or a more complex honeypot sy...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1416H04L63/1433H04L63/1491H04L67/025H04L67/06H04L67/1095
Inventor 张鑫书
Owner SICHUAN CHANGHONG ELECTRIC CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com