Research And Implementation Of A Universal Interaction System Based On Network Security Risk Assessment Method

With the development of the network security technology, risk assessment of the network security became an important part in an Internet Integrated Defense System. However, the risk assessment results couldn't be fed back to corresponding security product timely, so it only stayed in the evaluation or suggestion status. With the development of the intrusion technology, using single and loosely-coupled security technology couldn't completely defense a variety of attacks. So it's one of the tasks need to be addressed urgently to study a comprehensive network security defense system which is effective, dynamic and coordinated to achieve complementary advantages and interactive defense.This thesis designed and implemented a kind of Universal Interaction System based on the risk assessment method of network security, the system eliminated the limitation of traditional firewalls and Intrusion Detection Systems (IDS), and it executed centralized interactive control via a uniform server, and then it implemented the coordinate interaction of the two, it could dynamically defense known and unknown attack effectively. The system provided a unified standard interface for heterogeneous firewalls while having a certain degree of universality and scalability. In addition, this thesis proposed a number of optimal interaction strategy, and it defined a XML-based data transformation model, it implemented the secure communications between the firewall and the IDS, to a large extent, it enhanced the overall defensive performance of the network.This thesis implemented a network security risk assessment method which combines AHP method and fuzzy-logical method, and it combines the qualitative assessment and quantitative assessment. After analyzing the results of the assessment, it formed a strategy in a timely feedback to the Universal Interaction System, and the optimal rules were got for the interaction response of the firewalls. It provided the theory basis and decision-making support for IDS to add rules to firewalls dynamically.Experiments showed that it was feasible to apply real-time network security risk assessment to the Universal Interaction System, and it greatly enhanced the timeliness, accuracy and operability of the interaction response.