Research On Issues Of Video Security And Network Security

While the development of network and digital image technology promote human society progress, the network information security, including the video frequency/image, becomes serious issue day by day. The opening information system has the many safe hidden dangers inevitably, for example, network invasion, video frequency divulging. Its research content mainly involves: the cryptology, the algorithmic analysis of public key cipher system, the digital signature and the authentication, the network vulnerability analysis, the access control, the firewall and the visit proxy technology, safety control and application, the viral prevention, the hacker assurance, the network crime monitoring, the invasion detection and the crack scanning and so on. Therefore, the question of security of video and network becomes the global attention, and becomes the hot filed in the information science research. The video security and the network security research technology receive more and more attention of the world as a unique area.Research on Issues of Video Security and Network Security, which is this thesis, focuses on the following:1 The video image information by the characters of its direct-viewing, vivid, easy to understand, major information, becomes an important way to gain information for the users, the American MIT Media Laboratory researchers in 1994 once forecast that in the first 10 year of 21st century, the majority of contents on the communication link will be about the vision. Today, this forecast of accuracy is confirmed.Each kind of video information grows rapidly, making the video information become the main information source. However, the video information in important places like military post, border defense, jail and so on, once divulges, which will bring the inestimable consequence to the national security and the social stability. Thus the problem of video frequency security attracts people's attention day by day, along with enlarging the area of network monitor and control constantly.Propose one video image encryption based on the video image compressed encoding and the cryptology technology. This method introduces chaos system's Logistic mapping and the Baker mapping, unifies the characteristic of H.264 video compression code, carries on the position scrambling to the blocks after DCT through using the Baker mapping, changes space pixels position. Then utilize pseudo-random sequence introduced by Logistic mapping to generate code sequence, change the value of block matrix pixel. Finally after the entropy code completes, using the Logistic mapping to produce the pseudo-random sequence, carries on the drifting encryption to 01 binary string. The algorithm has introduced the chaos encryption thought, uses the pseudo-random sequence produced by the chaos mapping to construct two kind of keying sequences which the encryption needs, strengthens the algorithm security.2 Because the network popular rate is getting higher and higher, once the invasion behavior of goal and the large-scale network of occur, it creates the worse influence. General Accounting Office reports pointed out in the information security report in July, 2003 that the network attack increases day by day. The network attack increased from 9859 in1999 to 82094 in 2002 and in the first half of in 2003 reached as high as 76404. Moreover, the invasion technique of network hacker also renovates unceasingly. According to the research of National Institute of Standards and Technology, every month has at least 30 to 40 new techniques of hacker invasion produced. Therefore, how to safeguard the computer system, the network system and the entire information security has already become the urgent important question, having the especially vital significance to protect our country's network security. As an invasion detection technology, this attracts more attention of the general domestic and foreign scholars.The invasion detection technology has provided real-time protection to the internal attack, the exterior attack and misoperation as one kind of positive initiative safety protection technology, intercepts and responses invasion before the network system receives the harm. From three-dimensional depth, multi-level defense's angle of the network security, the invasion detection technology has received serious attention. Since IDS was proposed in 1980, SRIICSL, Purdue University, University of California-Davis, Los Alamos National Laboratory, Columbia University and University of New Mexico have certain research in this aspect. However, as a result of network size's unceasing expansion, the network capacity grows fast and the hacker technology develops unceasingly, propose a higher request to the performance of invasion detection.Tradition pattern matching of detection technology exists questions: The calculation is huge, if the operational capability is dissatisfied, it will cause the drop and lead to leaking report; only examine existed attack method in the characteristic database, it is helpless to the unknown attack method; only carry on the match to some specific form of attack characteristic, the aggressor may transform the form of attack package to deceive IDS; or construct massive false attacks, submerge real attack in the IDS frequent warning; many are helpless to attack based on the agreement. Moreover, to current most popular attacks, Dos is also unable to examine. In view of the above question, this article proposes the intelligent match detection technology based on the dynamic analysis automatic sequence rule database and the protocol analysis. This detection technology examines the attack through using the existence of high regularity of TCP/IP agreement technology; the automatic sequence database based on dynamic analysis can cut down the time of pattern matching effectively, and reduce the computation load of match detection.3 The question of computer-related crime is day by day serious. The crime influence politics and the economic order immediately, hinder society's stable development seriously. How to gain related electronic data evidence about the computer crime further, and crack down the computer crime has become the new research direction of information security field. The computer forensic technology solves this question effectively.Looks over the development of domestic and foreign computer forensic work, as a result of limitation of technology and law, the forensic work still mainly adopted the method which collects evidence afterward, i.e., at present forensic work is majority after the crime event occurred, according to the characteristic of computer and network, many important data is in the memory which is easy to lose; at the same time, during the process of hacker's network invasion, the intruders also change and delete some system logs, or utilize anti-forensic to cover their crime. According to the CSI/FBI computer annual report in 2004, the traditional computer forensic technology is mainly forensics afterward. But the network and the computer information system are in the unsafe condition, especially in some places required high safety, the information security defense technology cannot prevent completely the system is attacked and abused.This article mainly studies and designs the new forensic system in the following several aspects. Propose a thought that a dynamic forensic system based on the network, designs a forensic proxy which has many kinds of function modulation, which make the single computer forensic operation disposed and managed. Forensic proxy could stay in the forensic machine for a long time, and could run in a disguised system service mode. Forensic proxy has realized many kinds of log files monitoring, extracting and saving. The log files data of system event are transmitted real-time to the long-distance security computer, then write in the read-only database, guarantee the evidence integrity and effective further. When the forensic proxy is running at the system, records any user's the keyboard operation. In order to construct the computer operation flow afterward, restore the original state of suspect's any activity. Moreover the forensic proxy has also realized the related extraction function of scene evidence.The scene evidence contains massive the information of systems running condition, which is the important component of electronic data evidence. The network forensics machine has realized capturing, the analysis, and saving work of network data package. Explain detailedly capturing of the data packet, and use the protocol analysis technology to collect and arrange the information through the network. Not only monitor the internal mainframe network activity, but also gather the network data simultaneously which were generated in the process that the outside network computer attacks the inside one. To guarantee the electronic data evidence to transmit to the security server safely and correctly, this article carries on the private transformation to the existing SHA512 algorithm, and through adding the method of package verification to enhance efficiency in the mistake examination of transmission process, thus realizes the safe transmission module. Introduces the"honey jar"technology in the system, second directs the network aggressive behavior, traps the aggressor to attack the"honey jar"constantly, after shutting off the attack ,we can still gain the aggressor's information continuously.Propose the dynamic forensic system to use the module design in the process of design and achievement, the process of forensic is divided into the evidence gain module, the evidence transmission module, the evidence analysis module and the supervisory control module that were designed and developed separately. The whole system takes the client/server's form movement, achieves cooperation, and completes the forensic duty. According to two kinds of criminality which take the computer system as the goal and take the computer system as tool, this system pays proper attention to both.According to the static character that the traditional forensic technology is mainly done afterward, it is hard to satisfy the actual need in evidence of authenticity, validity and timeliness. Giving a dynamic forensic system, this system will make forensic work occur before the criminality carries on or is in the process, avoids losing the evidence chain flaw because of forensic not prompting, strengthens the integrity and the effectiveness of data evidence.