Acquisition And Analysis Technology Of SNMP Security Situation Information

Network security situation sensing system generates and turns into focus of study in information safety of network when network information security problems are up against huge challenger. Network security situation sensing system demands many aspects of integrated supervision of the security situation of large-scale network, timely alarm of potential and existed abnormity as well as reasonable pre-estimate of future network security situation.Multi-source heterogeneous network security situational awareness system consists of sensors of different data-sources. As a result of the simple and common character of SNMP protocol, SNMP network security sensor is a very necessary component of network security situational awareness system and provides data-support for the supervision of large-scale network security situation. SNMP protocol is widely used in the network management area, and it shows the completeness of Network security situational awareness system when using a SNMP data as a data souse of the system.Information acquisition and analysis techniques based on SNMP security situation are important techniques for the design and implementation of SNMP network security sensor. Firstly, this paper studies on the SNMP-based network security data acquisition techniques, design and realization of data acquisition module for network security SNMP sensor through the application of SNMP protocol-related knowledge, and makes a deep research on the relevant technologies of data acquisition and deployment of data acquisition nodes. Secondly, this paper studies on SNMP-based network security posture information analysis techniques upon the relevant data, designs and realizes the SNMP data analysis module through the research and improvement of the decision tree mining algorithm, and shows the overall analysis of process by a typical attack experiment. Finally, the paper studies on the multi-sensor information fusion technology on the basis of multi-source heterogeneous sensor network security information in separate preliminary, fusion algorithm designed by a vote integrated platform and realization of communication between the different sensors by the socket network programming technology.In addition, the paper also designs and realizes the network traffic graph display module and trap information acquisition module, expands features of the SNMP network security sensor data acquisition module and better serves for the situational awareness of network security system.