| Involving a variety of confidential information of national security, directly related to the national security interests and social stability. Once the national confidential information is stolen or destroyed, it would cause incalculable damage to the country. In today's higher level technology of information security attack and defense, to study the solution has important practical significance.The paper firstly discusses the domestic and international information security and monitoring technology development status, analyzes the four kinds of traditional access control model for their own advantages and disadvantages, deeply studies of the UCON access control model, and comprehensively analyzes the UCON access control model principles of the core components and the advantages and disadvantages; We Designed for information security monitoring system architecture based on UCON access control model; In the Network Malicious Download subSystem, deeply study of the network packet capture analysis technology and communication blocking technology, propose a UCONpreA1onB2 model,it can block the excess download network data packets in real-time;In Anti-File Sensitive Information Leakage Monitoring subsystem, we deeply study of the file filter driver technology and the formated document parsing technology, propose a UCONonA2 model, it can monitor the sensitive information in the host effectively;In the QSAC matching algorithm, we deeply study of the multi-pattern matching algorithm, and for the problem of the low algorithm efficiency in big character set, we introduce a novel in English and Chinese-oriented environment QSAC matching algorithm, it solved the low efficiency problem in security monitoring system for large character-set matching.Now, we have completed the overall design of Information Security Monitoring System, achieved two security monitoring subsystem. Compared to the current security monitoring system, it can improve the efficiency of information security monitoring and safety. Experimental results show that the Network Malicious Download subSystem can automatically block malicious downloads, protect the network server; Anti-File Sensitive Information Leakage Monitoring subsystem is able to search and monitor hosts file that containing sensitive words, and to achieve content filtering, effectively prevent the leakage of information; Currently, the two subsystems is in the trial in the relevant department. |
PDF Full Text Request