The honeynet is a vulnerable and simulated computer network that is commonly used to improve network security. A profound evaluation of honeynet potency is crucial to the effective design and improvement of a honeynet. For that purpose, a new dynamical model for evaluating the honeynet potency is proposed and analyzed in this paper. The proposed model incorporates honeypots into the model formulation as state variables, and mathematical analysis finds that a key role for deciding the honeynet potency is the greatest characteristic value of the deployed network. Particularly, the range of characteristic values clearly forms the delimitation among the infection propagation between two explicit embranchments, below which the honeynet works at its best level, until malware tends toward the extinction, and above which the malware persists at a certain level. The proposed model is verified by numerical simulations on several representative computer networks. Based on the theoretical and numerical results, a discussion is provided. Accordingly, the results show that the honeynet potency can be explicitly enhanced by either properly reducing the number of links and the greatest node degree of the deployed network, or strengthening the data control or patch feedback function of the honeypot. The results presented in this paper can provide guidance on effective honeynet design.

蜜网是一个易受攻击的模拟计算机网络，通常用于提高网络安全性。深入评估蜜网效能对于有效设计和改进蜜网至关重要。为此，本文提出并分析了一种新的评估蜜网效能的动力学模型。所提出的模型将蜜罐作为状态变量合并到模型公式中，并且数学分析发现，确定蜜网效能的关键作用是部署网络的最大特征值。特别是，特征值的范围清楚地形成了两个显式分支之间感染传播的界限，在此之下，蜜网处于最佳状态，直到恶意软件趋于灭绝为止，恶意软件会在一定程度上继续存在。通过在几个有代表性的计算机网络上的数值模拟验证了所提出的模型。根据理论和数值结果，进行了讨论。因此，结果表明，可以通过适当地减少链接数和部署网络的最大节点程度，或者通过增强蜜罐的数据控制或补丁反馈功能，来显着增强蜜网效能。本文提出的结果可以为有效的蜜网设计提供指导。结果表明，可以通过适当地减少链接数和部署的网络的最大节点程度，或者增强蜜罐的数据控制或补丁反馈功能，来显着增强蜜网效能。本文提出的结果可以为有效的蜜网设计提供指导。结果表明，可以通过适当地减少链接数和部署的网络的最大节点程度，或者增强蜜罐的数据控制或补丁反馈功能，来显着增强蜜网效能。本文提出的结果可以为有效的蜜网设计提供指导。