èŠ‚ç‚¹æ–‡çŒ®

é˜²ç«å¢™å®žéªŒç³»ç»Ÿæ—¥å¿—ç®¡ç†ä¸Žè§„åˆ™ä¼˜åŒ–ç ”ç©¶

Reseach on Log Management and Rule Optimzation in Experiment Firewall System

åˆ†é¡µä¸‹è½½
åˆ†ç« ä¸‹è½½
æ•´æœ¬ä¸‹è½½
åœ¨çº¿é˜…è¯»
ä¸æ”¯æŒè¿…é›·ç‰ä¸‹è½½å·¥å…·ï¼Œè¯·å–æ¶ˆåŠ é€Ÿå·¥å…·åŽä¸‹è½½ã€‚

ã€ä½œè€…ã€‘ æ¨å¥•ï¼›

ã€ä½œè€…åŸºæœ¬ä¿¡æ¯ã€‘ ä¸Šæµ·äº¤é€šå¤§å¦ ï¼Œ é€šä¿¡ä¸Žä¿¡æ¯ç³»ç»Ÿï¼Œ 2008ï¼Œ ç¡•å£«

ã€æ‘˜è¦ã€‘ éšç€è®¡ç®—æœºç½‘ç»œæŠ€æœ¯çš„é£žé€Ÿå‘å±•,ç¤¾ä¼šç”Ÿæ´»ä¿¡æ¯åŒ–çš„ç¨‹åº¦ä¸æ–æé«˜ã€‚äººä»¬é€šè¿‡äº’è”ç½‘è¶Šæ¥è¶Šå®¹æ˜“èŽ·å–éœ€è¦çš„ä¿¡æ¯,ä½†åŒæ—¶ä¹Ÿå¸¦æ¥äº†ä¿¡æ¯ä¸¢å¤±ã€æ³„æ¼ç‰å®‰å…¨é—®é¢˜ã€‚æé«˜ä¿¡æ¯ä¼ é€’çš„å®‰å…¨ç‰çº§æ˜¯è§£å†³é—®é¢˜çš„é€”å¾„ä¹‹ä¸€,åŒæ ·ä¸å¯å¿½ç•¥çš„æ˜¯é’ˆå¯¹ç”¨æˆ·çš„è®¡ç®—æœºç½‘ç»œä¸Žä¿¡æ¯å®‰å…¨æŠ€æœ¯çš„å¦ä¹ ã€åŸ¹è®å’Œå®žè·µã€‚ç›®å‰è™½ç„¶ç½‘ç»œä¿æŠ¤æŠ€æœ¯ä¸çš„ä¼ ç»Ÿé˜²ç«å¢™æŠ€æœ¯å·²ç»å‘å±•å¾—æ¯”è¾ƒæˆç†Ÿ,ä½†æ˜¯ç”¨äºŽæ•™å¦å®žéªŒçš„é˜²ç«å¢™ç³»ç»ŸåŸºæœ¬ä»æ˜¯å¤„äºŽèµ·æ¥é˜¶æ®µã€‚å—å›½å®¶863è®¡åˆ’èµ„åŠ©,æ–°è¿‘çš„ç ”ç©¶æˆæžœæ”¯æŒå¤šç”¨æˆ·å¹¶å‘æŽ§åˆ¶çš„é˜²ç«å¢™æ•™å¦å®žéªŒç³»ç»Ÿ,ä¹Ÿæ£å¼å¡«è¡¥è¯¥é¢†åŸŸçš„ç©ºç™½,ä½†æ˜¯å…¶æœ¬èº«çš„æ—¥å¿—ç®¡ç†ç³»ç»Ÿå’Œå…¶è§„åˆ™åŒ¹é…é€Ÿåº¦ç¼ºé™·å¯¹ç³»ç»Ÿä»é€ æˆä¸€å®šçš„æ€§èƒ½é—®é¢˜ã€‚æœ¬æ–‡æ£æ˜¯ä¸ºäº†å¯¹è¯¥é˜²ç«å¢™æ•™å¦å®žéªŒç³»ç»Ÿè¿›è¡Œå®Œå–„å·¥ä½œ,å¯¹å…¶è–„å¼±æŠ€æœ¯çŽ¯èŠ‚è¿›è¡Œç ”ç©¶å’Œæ”¹è¿›ã€‚å…¶ä¸é‡ç‚¹æ£æ˜¯æ—¥å¿—ç®¡ç†æŠ€æœ¯ä¸Žè§„åˆ™ä¼˜åŒ–ã€‚æœ¬æ–‡é¦–å…ˆåˆ†æžäº†æ•™å¦å®žéªŒç‰¹ç‚¹,é˜²ç«å¢™åŠŸèƒ½ç‰¹ç‚¹,å¹¶ç»“åˆè¿™äº›ç‰¹ç‚¹åˆ†æžäº†é˜²ç«å¢™æ•™å¦å®žéªŒç³»ç»Ÿçš„ç‰¹ç‚¹,å¹¶é’ˆå¯¹æ¤è®¾è®¡äº†å®žéªŒç³»ç»Ÿçš„å®žçŽ°æ¡†æž¶,å¹¶å¯¹å„ç§å®žçŽ°å…³é”®æŠ€æœ¯è¿›è¡Œäº†æŽ¢è®¨ã€‚æŽ¥ç€æ–‡ç« ä»‹ç»äº†é˜²ç«å¢™æ•™å¦å®žéªŒç³»ç»Ÿä¸çš„å¤§è§„æ¨¡å¹¶å‘æŽ§åˆ¶æŠ€æœ¯,ä»Žæ ¹æœ¬ä¸ŠæŽ¢è®¨äº†é˜²ç«å¢™æ•™å¦ç³»ç»Ÿä¸Žä¸€èˆ¬é˜²ç«å¢™åœ¨è§„åˆ™ä¸Šçš„ä¸åŒä¹‹å¤„ã€‚å†æŽ¥ç€æ–‡ç« æ•™å¦ç³»ç»Ÿç‰¹ç‚¹è®¾è®¡å’Œå®žçŽ°é˜²ç«å¢™æ•™å¦ç³»ç»Ÿä¸çš„æ—¥å¿—ç®¡ç†æ¨¡å—,è§£å†³äº†åŽŸç³»ç»Ÿä¸çš„æ—¥å¿—è®¿é—®æ— æ³•ç»Ÿä¸€ç®¡ç†å’Œè®¿é—®æ•ˆçŽ‡ä½Žä¸‹çš„é—®é¢˜ã€‚æœ€åŽ,åŸºäºŽå¯¹æ—¥å¿—ç®¡ç†ç³»ç»Ÿçš„åº”ç”¨,æ–‡ç« å¯¹é˜²ç«å¢™è§„åˆ™ä¼˜åŒ–é—®é¢˜è¿›è¡Œäº†ç ”ç©¶,å¹¶é€šè¿‡å®žéªŒç»“æžœè¯æ˜Žäº†å…¶å¯¹é˜²ç«å¢™è§„åˆ™çš„ä¼˜åŒ–ç»“æžœã€‚æ–‡ç« ä¸ç ”ç©¶çš„ç®—æ³•å’ŒæŠ€æœ¯æœ‰æ•ˆåœ°è§£å†³é˜²ç«å¢™å®žéªŒæ•™å¦ç³»ç»Ÿä¸æ—¥å¿—ç®¡ç†å’Œè¿è¡Œæ•ˆçŽ‡çš„è¯¸å¤šé—®é¢˜ç‰,æé«˜äº†äº†æ•´ä¸ªç³»ç»Ÿçš„è¿è¡Œæ•ˆçŽ‡,ä»Žè€Œä¸ºä¸€ä¸ªæ”¯æŒå¤šç”¨æˆ·å¹¶å‘æŽ§åˆ¶çš„é˜²ç«å¢™æ•™å¦å®žéªŒç³»ç»Ÿçš„å®Œæ•´å®žçŽ°æ‰«æ¸…äº†è¯¸å¤šéšœç¢ã€‚æ›´å¤š è¿˜åŽŸ

ã€Abstractã€‘ With the development of computer network and information technology, it is more convenient to get access to Internet so as the data transmission. The fact also should not be ignored is that people are facing the dangers of their privacy leaking, virus threating and hackerâ€™s attacking when they connect to Internet. On one hand, the information security level has to be improved; on the other hand, we should learn something about computer network and information security technology. So, today, more researchers are working on how to providing a platform for these technologiesâ€™learning, training and practising.Though, among the current network protection technologies, the tranditional firewall technology is retlatively developped, the experiment firewall system which is for educational experiment is still in developing phase. The newly reseach achievement, multi-user concurrent control supported experiment firewall system, sponosored by national 863 project, fills this gap. And this paper is aimed at research and improvement of the weakness of the experiment firewall system in order to perfect this system. The improvement focuses on log management technology and firewall rules optimization.At the beginning, this paper analyzes the features of educational experiment and firewall function. Based on these features, we analyze the traits of experiment firewall system, design the framework of the system, and discuss the key technologies for the implementation. After that, this paper introduces the multi-user concurrent technology in the experiment firewall system to discuss the basic differences between tranditional firewall and experiment firewall system. Further more, this paper designs and implements the universal log management module of the experiment system, thus solving the problem of difficult universal management and low efficiency in the original log management. At last, based on the universal log management systemâ€™s usage, this paper does reseahces on the firewall rulesâ€™optimization to improve the experiment firewall systemâ€™s performance. The prositive result of performance improvmenet by this technology is proved by experiments.The algorithm and techonologies in this paper effectively improve the expereiment firewall systemâ€™s log management and rules matching performance, thus improving the overall performance of the system and helping perfect the multi-user concurrent control supported experiment firewall system.æ›´å¤š è¿˜åŽŸ

ã€å…³é”®è¯ã€‘ é˜²ç«å¢™æ•™å¦å®žéªŒç³»ç»Ÿï¼› å¤šç”¨æˆ·å¹¶å‘æŽ§åˆ¶ï¼› ç»Ÿä¸€æ—¥å¿—ç®¡ç†ï¼› è§„åˆ™ä¼˜åŒ–ï¼›
ã€Key wordsã€‘ Experiment Firewall Sytemï¼› Multi-user Concurrent controlï¼› Universal Log Managementï¼› Firewall Rule Optimizationï¼›

ã€ç½‘ç»œå‡ºç‰ˆæŠ•ç¨¿äººã€‘ ä¸Šæµ·äº¤é€šå¤§å¦

ã€åˆ†ç±»å·ã€‘TP393.08
ã€è¢«å¼•é¢‘æ¬¡ã€‘4
ã€ä¸‹è½½é¢‘æ¬¡ã€‘184

çŸ¥ç½‘èŠ‚ä¸‹è½½

èŠ‚ç‚¹æ–‡çŒ®ä¸ï¼š

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

æœ¬æ–‡çš„å¼•æ–‡ç½‘ç»œ

èŠ‚ç‚¹æ–‡çŒ®

èŠ‚ç‚¹æ–‡çŒ®

é˜²ç«å¢™å®žéªŒç³»ç»Ÿæ—¥å¿—ç®¡ç†ä¸Žè§„åˆ™ä¼˜åŒ–ç ”ç©¶

Reseach on Log Management and Rule Optimzation in Experiment Firewall System

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

é˜²ç«å¢™å®žéªŒç³»ç»Ÿæ—¥å¿—ç®¡ç†ä¸Žè§„åˆ™ä¼˜åŒ–ç ”ç©¶