The Design And Implementation Of Network Security Audit System Based On Logs

In recent years along with quick universality of Internet, the network gradually becomes necessary and important means for users to complete related business .But Internet also brings many severity of safety problem at meantime it brings convenience.The network security has already become importance constitute part of nation and national defense safety, also become key of nation network economy development in the meantime. The network information audit system gradually becomes important part of whole safety system. Network Security Audit System Based on Logs adopts C/S structure, it audits and analyses logs of HF Firewall, IDS Intrusion Detection System, IPPS Informtion Protection System in Local Area Network, it can audit.security state of Local Area Network in realtime or in need.This paper first analysis system need of Network Security Audit System Based on Logs, and design the function structure of the system according to system need, and design system Implementation target according to analysis system of function structure, and design logic system and safety structure. Carrying on system detailed design according to the division of mold and from top to bottom principle, the whole system is divided to user control panel, backstage log processing service, database maintenance and data queue maintenance parts.User console is to divided to son mold pieces such as log search mold, born statement mold, system constitution mold, real show mold etc. Backstage log processing service is diveded into backstage control procedure mold, write log mold, read log mold, and fixed time auto backup etc. Then design the logic structure of each son mold.This paper puts forward thought of unifying formatted Log to audit and analysis logs of HF Firewall, IDS Intrusion Detection System, IPPS Informtion Protection System, to unify the format of logs in certainty scope, and add label in log pack to distinct logs. Making use of data brigade row buffer technique to carry on processing large mount of logs and assurance no logs losed.Makeing use of multi-threading mechanism to assure the efficiency of log processing.Using database INTERBASE to save logs,and it starts as pedestal service form, and making use of auto or manly backup database to realize self-protecton function of the system.This paper make use of C++ Buider tool to realize customer control panel.Making use of Windows technique to realize backstage log processing service, and backstage log processing service works as WINDOWS backstage service.This paper makes use of DLL mechanism to realize brigade row maintenance and database maintenance.This paper mades use of data share mechanism such as WMCOPYDATA message mechanism and writing registration table to realize correspondence.of function molds.Network Security Audit System Based on Logs can audit and analyse network safety logs that HF Firewall, IDS Intrusion Detection System and EPPS Informtion Protection System create, and find network safety problems in time, and audit safety of Local Area Network.