
Research of UCON Based Information Security Monitoring System

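【Author】 Zhang Qi (张奇)

【Advisor】 Zhuang Yi (庄毅)

【Author information】 Nanjing University of Aeronautics and Astronautics, Computer Application Technology, 2010, Master's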

【Abstract】 Secret information bearing on national security directly affects the country's security interests and social stability. Once confidential national information is stolen or destroyed, it causes incalculable damage to the country. Now that information security attack and defense techniques have reached a high level, studying solutions to this problem has important practical significance. The thesis first discusses the state of development of information security monitoring technology in China and abroad, analyzes the advantages and disadvantages of four traditional access control models, studies the UCON access control model in depth, and comprehensively analyzes the principles, advantages and disadvantages of its core components. It then designs the architecture of an information security monitoring system based on the UCON access control model. In the Network Malicious Download subsystem, it studies network packet capture and analysis and communication blocking techniques, and designs the UCONpreA1onB2 model, which blocks the network packets of excessive downloads in real time. In the Anti-File Sensitive Information Leakage Monitoring subsystem, it studies file filter driver technology and formatted-document parsing technology, and designs the UCONonA2 model, which effectively monitors sensitive information on the host. For the QSAC matching algorithm, it studies multi-pattern matching algorithms and, to address their low efficiency on large-character-set text, proposes a novel QSAC matching algorithm oriented to Chinese and English environments, which solves the problem of inefficient matching of large-character-set text in security monitoring systems. The work has so far completed the overall design of the information security monitoring system and implemented two security monitoring subsystems.
Compared with current research results on similar security monitoring systems, it can improve the efficiency and security of information security monitoring. Experimental results show that the Network Malicious Download subsystem automatically blocks malicious download behavior and protects the network server; the Anti-File Sensitive Information Leakage Monitoring subsystem searches for and monitors files on the host that contain sensitive words, implements content filtering, and effectively prevents information leakage. The two subsystems are currently in trial use at the relevant organizations.
