关键词:网络安全; 分布式蜜网; 蠕虫; 传播模型
Study of worm propagation model based on distributed honeynet
ZHAO Narisa, ZHANG Xian-feng
(Institute of System Engineering, Dalian University of Technology, Dalian Liaoning 116024, China)
Abstract:In order to prevent serious threat posted by worm rapid propagation, used active security technology-distributed honeynet in ensuring the safety of network. The honeypot host under distributed honeynet performed high inveiglement to worms and possesses “come in easily, out strictly” data control policy, this influenced worm propagation and control. Considering the scale-free characters in topology structure and the characters of honeypot host, this paper presented a worm propagation model in the network which distributed honeynet have been deployed based on two-factor model, and gave a analysis to it. At last, validated the correctness of model over simulation experiment, and discussed worm propagation trend in the network that distributed honeynet had been deployed. Experiment result indicates that distributed honeynet not only can capture worm sample in time, but also can reduce the total number of infected hosts and the number of largest infectious hosts, slow down the speed of worm infection, it is of great significance in strengthen worm warning and prevent worm from spreading in large-scale networks.......