five

魅影威胁诱捕解决方案

收藏
合肥数据要素流通平台2022-07-12 更新2024-03-01 收录
下载链接:
https://www.bigdatadex.com.cn/dataCirculation/listMoreb/details?shopId=1546760193416753154&commodityType=6
下载链接
链接失效反馈
官方服务:
资源简介:
威胁监测系统作为在防火墙, ids之后的第三道防线,采用欺骗防御技术理念,通过在攻击者的攻击路径、攻击过程、攻击范围内设置若干精心布置的虚假目标(诱捕陷阱),吸引攻击者进行攻击,扰乱和混淆攻击者对攻击目标和攻击路径的正确认知,同时诱使攻击者对诱饵实施攻击,从而对攻击行为进行捕获和分析,推测攻击者的动机和意图,有效实现精准的攻击告警,更清晰的了解所面对的安全威胁,并通过技术和管理手段来增强实际系统的安全防护能力,以进行针对性的防范。 由于此系统中的诱捕节点处于非信息公开区域,正常业务不会访问,所以一旦被触碰,属于威胁行为的可能性非常高,正是根据系统的这一基于行为而非规则匹配的原理,有助于能发现一些新型,0day, 变种的威胁。 通过此系统的建设,还得以降低企业安全成本,减轻安全人员、监控人员工作量,提高安全部门的整体效率,同时满足企业的整体安全提升的诉求,不影响现有的安全的应用体系。 欺骗防御技术可用于保护易受黑客攻击的业务系统,特别适用于电商、金融、证券、运营商等包含大量用户数据、资金等敏感信息的业务环境,欺骗防御技术连续三年被Gartner评选为顶尖信息安全技术之一。基于欺骗的主动防御技术具高欺骗性、极低误报率、探测范围广、对业务系统零入侵、内网安全情报有效来源等优点。

Threat monitoring system, as the third line of defense following firewalls and Intrusion Detection Systems (IDS), adopts the concept of deception defense technology. It deploys carefully arranged false targets (decoy traps) along attackers' attack paths, during the attack process and within the attack scope to lure attackers into launching attacks, thereby disrupting and confusing attackers' correct cognition of attack targets and paths, while inducing attackers to launch attacks on the decoys. In this way, it captures and analyzes attack behaviors, infers attackers' motives and intentions, effectively delivers precise attack alerts, gains a clearer understanding of the faced security threats, enhances the actual system's security protection capabilities via technical and management means, and implements targeted prevention. Since the decoy nodes in this system reside in non-public information areas and will not be accessed by normal business operations, the likelihood of being a threat behavior is extremely high once they are touched. Leveraging this behavior-based rather than rule-matching principle, the system helps detect emerging, 0-day and variant threats. The deployment of this system can also reduce enterprise security costs, ease the workload of security and monitoring personnel, improve the overall efficiency of the security department, meet the enterprise's demands for overall security enhancement, and will not disrupt the existing security application system. Deception defense technology can be used to protect business systems vulnerable to hacker attacks, and is particularly suitable for business environments hosting massive sensitive information such as user data and funds, including e-commerce, finance, securities, and telecommunications operators. Deception defense technology has been recognized as one of the top information security technologies by Gartner for three consecutive years. Deception-based active defense technology boasts multiple advantages, including high deception capability, extremely low false positive rate, wide detection range, zero intrusion to business systems, and serving as an effective source of internal network security intelligence.
创建时间:
2022-07-12
搜集汇总
数据集介绍
main_image_url
背景与挑战
背景概述
该数据集描述了一种名为'魅影威胁诱捕解决方案'的威胁监测系统,它采用欺骗防御技术来诱捕和分析攻击行为,适用于多个敏感行业,并具有高欺骗性和低误报率的优点。
以上内容由遇见数据集搜集并总结生成
二维码
社区交流群
二维码
科研交流群
商业服务