节点文献

网络管理系统安全策略及框架结构的设计与实现

Design and Practice of the Security Strategy and Framework for Network Management System

【作者】 阎丽涛

【导师】 叶瑰昀;

【作者基本信息】 哈尔滨工程大学 , 控制工程, 2002, 硕士

【摘要】 当前网络入侵事件不断发生,使得网络安全管理技术成为当今人们关注的热点。由此,网络安全技术成了网络技术发展的一个重点研究方向,而良好的网络安全管理系统模型的构造为开发可靠性和入侵检测两个方面进行了研究和探讨,设计并实现了一个分布式网络安全管理框架DNSMF(Distributed Network Security Management Framework)。本文首先研究了计算机网络的安全策略。从各个角度描述了不同的安全控制方法。然后分析入侵检测技术。比较异常检测和滥用检测各自的优缺点,以及各种检测方法的数据来源。还研究了JavaBeans技术和Java RMI在分布式计算中的应用。在以上研究的基础上提出了DNSMF框架设计思想。DNSMF系统主要组件是:DNSMF控制器,每台主机一个主机监控器,以及每个网段一个LAN监控器。DNSMF是通过多个实体的自治与协作来提高入侵检测的准确性的框架结构。文中给出了DNSMF各子组件的定义模型,并且提出了组件间的通信机制。通过对各组件模型的定义和通信机制的提出,把分布式监管、数据精简和集中式的数据分析处理结合到DNSMF框架中。本文最后利用Java技术实现了DNSMF的一个原型系统,并过两个实例检验了DNSMF框架的实用性。

【Abstract】 Nowadays, network intrusion and attack affairs happen frequently, which makes people pay more attention on the spot of network security management technology. Network security technology becomes an important research direction of network technology. A good model can be a solid base for building a network security management system with high credibility. In this thesis, after giving a systematic study on network security technology and intrusion detection, we designed and implemented a distributed network security management framework ?DNSMF(Distributed Security Management Framework).First, the paper gave some research on the security strategy of computer network, with different method of security control described. Then it analyzed intrusion detection technology, compared the merits and shortcomings of Anomaly-based Detection and Misuse-based Detection, and depicted the source data of different detection ways. The research of applying Java Beans technology and Java RMI technology to distributed computing were also discussed.On the base of the above research work, we put forward the design idea of DNSMF. The components of DNSNF are the DNSMF controller, a single host monitor per host, and a single LAN monitor for each broadcast segment in the monitored network. DNSMF is a framework, which increase the veracity of intrusion detection by the autonomy and cooperation of multiple agents. Every definition of component of DNSMF is given, and the communication mechanism between components was brought forward. So, we concentrated distributed monitoring, data simplifying and centralized data analysis and disposal technologies into DNSMF.Finally, the thesis implemented an prototype of DNSMF using Java technology, and gave two real examples to validate the practicability of DNSMF.

【关键词】 网络安全分布式Agent
【Key words】 network securitydistributed systemAgent
  • 【分类号】TP393.08
  • 【下载频次】196
节点文献中: 

本文链接的文献网络图示:

本文的引文网络