| With the rapid development of network communication technology and computer hardware, the security problem of network information system is more and more serious: all kinds of system security leak spread abroad; advanced attack technology and tools promulgating in the internet; organized hostile network attacking become stronger; the increasing attacks from inside of the network, etc. How to avoid the threats broad by network security problem as most as we can in the normal use condition is the most concerned problem we cared.Firewall, VPN, IDS, Vulnerability detection, antivirus system, ID authentication security audit etc. apply widely in network system. Though these security equipments have certain effect in particular aspect, most of them have single effect and there is no unified managing and coordinating system which can lead them to support each other and work harmoniously, therefore, they can not be used sufficiently.From the point of view of a network security administrator, there are so many security devices in the network, and all of them have a platform of their own. The administrators need to know how to use every platform. It is a very complex work. Further more, the number of alert will rapidly grow with the increase of the size of the network. And there are a lot of false positives and a part of false negatives. The administrators are too busy with dealing the false positives to find real alert. So, the security problem is always there.This thesis introduces and analyzes present technology of Internet security management and researches on founding a new solution for whole network security management-Uniform Security Management to realize central monitor, unified target management, intellectual audit of network security resources and mutual-action of all kinds of security in a singer interface. The thesis do particular research on the key technology of the Network Uniform Security Management .It also sums-up a method to optimize alert which based on a association rule knowledge base to reduce false positives and to find false negatives. These works can simplify network security management work, promote security level, controllability and manageability of Internet and reduce users' cost on security management. |
PDF Full Text Request