Research On Open And Common Interaction Model Of Network Security Defense System

Along with the rapid development of Internet, the position of network security is increasingly outstanding. The form of network security defense has already changed from traditional single static protection to static and dynamic combined, protection and detection combined tridimensional security defense system.Interaction is a new-fashioned network defense strategy. Security defense system must be dynamic, and each member should interact with another, setting up an organic relation. Interactive security defense system has become a new research direction.Interaction model is footstone of interactive security defense system. In this thesis, we first compare some current main interaction models and protocols, analyze their advantages and disadvantages, and abstract both sides of interaction: SM (Security Manager) and SD (Security Detector). Based on them, an open and common security defense interaction model-OCIM(Open and Common Interaction Model) model is put forward, which includes IAEP (InterAction Exchange Protocol) and IAMEF (InterAction Message Exchange Format).IAEP defines a reliable, safe and extensible interaction exchange protocol. IAMEF defines an open, common and extensible interaction message exchange format. Also, we carry out experiments on OCIM model, and analyze and evaluate result of the experiments. In the end, the research directions of improving and extending in the future are presented.