Network attack tracing method and device for honeypot trapping based on reverse proxy
According to the reverse proxy-based honeypot trapping network attack tracing method and device, an attacker is forcibly hijacked to a honeypot by using an HTTP reverse proxy server, a new thought is provided for an existing honeypot-based defense method that the attacker passively treads thunder, a...
Gespeichert in:
| Hauptverfasser: | , , , , , , , , , , , , , , , , , , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | According to the reverse proxy-based honeypot trapping network attack tracing method and device, an attacker is forcibly hijacked to a honeypot by using an HTTP reverse proxy server, a new thought is provided for an existing honeypot-based defense method that the attacker passively treads thunder, and active defense of a honeypot system is enhanced. When the visitor is identified as a normal user, a normal page is returned, and when the visitor is identified as an attacker, the attacker is guided to a honeypot page. Due to the fact that the normal page and the honeypot page are the same URL, different returns are given according to different behaviors of visitors, the possibility that an attacker bypasses the honeypot by distinguishing the URL is broken, and the possibility is provided for a business unit to trap hackers through active intervention; according to the method, more information clues are provided for attack traceability by utilizing a traceability code in a honeypot page and a highly imitated hon |
|---|