A Honeynet-Based Firewall Scheme with Initiative Security Strategies

With the rapid development of network technology, a variety of new attack methods to the network come out endlessly. Traditional firewalls, depending on the static feature data base, have more and more limitations to these attacks. To alleviate this problem, in this paper we propose a honeynet-based firewall scheme with initiative security strategies. In this scheme, the data-analyzing module can timely discover new attack behaviors by analyzing the output result of honeynet with data-mining technology, and furthermore, according to these findings the rule-learning module can dynamically create new defend rules and apply these rules to the firewall. In this way, the firewall keeps enriching its security strategies that greatly enhance its ability to defend new attacks. This paper gives a detailed description and discussion on the new firewall scheme. Compared with other joint-defense technologies, our firewall scheme has more advantages, can response more quickly and accurately to the unknown attacks and being more secure for internal.