Research On The Key Technology Of Data Collection In Uniform Network Security Management System (UNSMS)

Posted on: 2009-07-31
Degree: Master
Type: Thesis
Country: China
Candidate: Q Peng
GTID: 2178360245458241
Subject: Computer application technology

Abstract/Summary:
With the rapid development of network technology and the deepening of informatization, computer networks have become an important support for efficient enterprise development. A stable, efficient and secure network environment helps improve working efficiency, enhance enterprise credibility and expand sources of profit. At the same time, a variety of network attacks have become more advanced and more widespread. Enterprise networks therefore face the danger of attack at any time, and often suffer intrusion and damage to varying degrees, which seriously interferes with the normal operation of corporate networks.

The increasingly serious security threat forces enterprises to strengthen network defense and pursue a multi-level, three-dimensional security defense system. Enterprises have gradually introduced a large number of heterogeneous security devices, such as anti-virus, firewalls, Intrusion Detection Systems (IDS) and vulnerability scanning. However, the existing network defense systems are mostly isolated and lack effective collaboration, which creates new challenges for network security.

There are many security devices in the network, and each has its own platform. Administrators need to know how to use every platform, which is very complex work. Furthermore, the number of alerts grows rapidly as the network grows, and there are many false positives and some false negatives. Administrators are too busy dealing with false positives to find true alerts, so the security problem persists.

This thesis conducts in-depth research into the key technologies of network security management systems, summarizes one kind of data acquisition, and introduces its principle and architecture. The key technology is studied further and a comprehensive multi-source data collection method is summarized. These serve as the foundation for data analysis in the unified network security management platform. Finally, the thesis outlines future work on data collection technology.
Keywords/Search Tags:Uniform Network Security Management System, data collection, data pretreatment, plugin technology, Correlation rules