Abstract: Most security technologies are designed to prevent unauthorized activity to resources, and security tools are put into place as a defensive measure. Therefore there is some shortcoming in protecting network. After analyzing the research situation and the shortcoming of security tools in intrusion detection and in protecting system, distributed virtual honeynet system is studied and implemented. The system is composed of hybrid virtual honeynet and low-interaction honeypot, which reduces the inherent risk of honeypot, adds the simulation’s trueness, and it makes up the shortcoming of exiting different type honeypots. As a dynamic security defensive mechanism, it can improve effectively integrate safety of large scale of network, and is completely supplement of traditional security mechanism.

Key words: Network security, Intrusion detection, Honeypots, Honeynets

摘要： 目前大部分安全技术被设计用来阻止未授权的可疑行为获取资源，同时安全工具是作为一种防御措施被布置，所以它们对网络的保护有限。在分析国内外研究现状的基础上，针对现有网络安全工具在入侵检测以及防护等方面的不足，设计和实现了分布式虚拟陷阱系统。该系统所分布的代理由混合Honeynet和低交互的Honeypot构成，降低了Honeypot固有的风险，增加了模拟的真实性，弥补了现存的各类Honeypot的不足。作为一种动态安全防御机制，可以有效地提高大规模网络的整体安全性，是传统安全机制的有力补充。

关键词: 网络安全, 入侵检测, 蜜罐, 陷阱网络