摘要
随着攻防速度加快和内网渗透增多,以欺骗技术为代表的主动防御思想变得重要。针对防守手段单一、迟缓,提出了一种基于软件定义安全的威胁诱捕机制,基于最大化业务吸引度和相关度构造高真实度的诱捕环境,并通过多应用编排实现自适应的跟踪朔源和隔离威胁,最终切断攻击链。
As the speed of attacks and defense becomes faster and internal network penetrationincreases,the mindset of active defense,deception for instance,is getting extremely important. We propose a software defined threat trapping mechanism comparing to former monotonous and slow defense techniques,where a luring environment is constructed based on maximizing business attraction and relevancy,application orchestration technique is leveraged to trace and contain threats adaptively,so finally the killchain is interrupted.
作者
刘文懋
刘威歆
Liu Wenmao;Liu Weixin(Nsfocus Information Technology Co.,Ltd.,Beijing 100089,China)
出处
《信息技术与网络安全》
2018年第7期9-12,32,共5页
Information Technology and Network Security
关键词
主动防御
欺骗
软件定义
安全
active defense
deception
software defined
security
