Researching And Implementation Of A Large-scale Network Attack Emergency Response System

Along with the high-speed development of the network information technique and the industry, the network attack events also pile up one after another, and turn out large-scale, distribute and complicatied trend, the loss of network safe affairs rises year by year.An emergency respond to is the remediable measure and activity that adopts to correspond after invading the examination system to discover safe affairs occurrence, purpose is for suppress, arrestment or let up safe affairs to the system of the safety bring of influence, even track and seal to block up to invade a source, attain a defensive purpose in the meantime. The research of network safe emergency respond, for raising the our country network system emergency ability of respond, alleviating the backstroke of the attack, improving the network anti-attack ability have very important meaning. This paper mainly discussed improvement and implement of attack topology and decision-making technique in emergency respond.Firstly, summarized the basic circumstance of network security emergency technique research, cover the related concept of emergency respond and its system to study present condition at home and abroad, overview key technique of emergency respond technique to the system, inquiry in development trend of emergency respond technique for the future.Secondly, Analyzed respond characteristic of the DDos and the worm, and for satisfying their respond, contrast to analyze a few attack topology technique, improved and carried out a kind of logging track technique, design and carry out rollbackable tool of router interdiction or insulate.Thirdly, The contrast analyzed the merit and shortcoming of various affairs classification methods, putting forward a kind of support to respond to the affairs classification method that can evaluate amount of response price, and studied the case valuation decision technique on this foundation, improve utility of price evaluate technique in the decision.Finally, Integrate emergency response technique and rollbackable tool ,design a distribute and cooperate respond system structure, carry out a large-scale network attack emergency respond flat, and imitate the attack environment for carry on an experiment to identificate response capability.