| As a security monitor product, network audit system has been used widely. But because of the sensibility of its data, it suffers attack and destruction easily. So far, people have done a lot of work to improve the security level of network audit system in terms of security protection and achieve some effect. However, they didn't consider the problem that how to ensure the essential function to run normally when the attack is successful. There are more and more attacks impossible to defend effectively. We can't ensure full security of the network audit system. So the intrusion tolerance mechanism should be designed to improve the survivability of the system.Network survivability is the innovation for the traditional network security concepts. The concept of survivability focuses on the capability of implementing the key mission timely during the time when the network application system is suffering from the attack, fault or incident. The clou of survivability is that the system can fulfill the key mission and repair its services which are damaged even if the intrusion is successful.This paper designs the survivability mechanism which ensures the network audit system to provide the services when the intrusion is successful. The main work includes the following aspects:1 .Analyzing the advantage of survivability technology comparing to the traditional security technology, summarizing the correlative concepts and applications of the survivability technology.2.Designing the anti Performance-attack survivability mechanism based on 3R.The stable performance model is established to enforce the capability of recognizing the attack. For different attack intensity, the system should provide different level of system services. This paper proposes the anti-attack mechanism based the service classification. The associate actions of system security mechanism can improve the capability of recovery.3.Implementing a network audit system which has the Survivable capability. Based on the research of the survivability mechanism, we build up the network audit system prototype based on the SYSLOG protocol; improve the sustainable capability of system services via implementation of the survivability mechanism.From what has been done above, this paper designs and implements a set of survivability mechanisms for network audit system to anti Performance-attack. They provide effective safeguard mechanisms to accomplish the key missions in the case of the attack state. At the same time, they complement and extend the survivability application theories. |
PDF Full Text Request