Design And Implementation Of Active Network Security Monitor System

Posted on: 2009-07-21
Degree: Master
Type: Thesis
Country: China
Candidate: G D Liu
GTID: 2178360272977155
Subject: Computer application technology

Abstract/Summary:
As Internet use has grown, more and more attention has been paid to network and information security. The most commonly used methods in network security include installing a firewall or an IDS, but hackers can still get into the network by other means. Being able to identify what is happening on the network therefore becomes an important aspect of network security. This paper first discusses the weaknesses of networks, then designs and implements an Active Network Security Monitor System (ANSMS) for a company network, comprising the Illegal Connection Monitor Subsystem (ICMS), the Malicious Downloading Prevention Monitor Subsystem (MDPMS) and the Mandatory Access Control Monitor Subsystem (MACMS). For the ICMS, the paper studies encryption technology and IP-MAC binding, designs an active strategy against illegal connections, and designs and implements an authentication module, a detection module and a closing module based on the ARP protocol. For the MDPMS, the work mainly parses HTTP and FTP packets, monitors network flow, and designs and implements a TDI filter driver that actively intercepts users' connections. For the MACMS, the author took part in implementing a new access control model that combines the advantages of the Bell-LaPadula and Biba models, and implemented a Windows filter driver that intercepts file operations by processes. The three modules of the ANSMS are implemented according to the characteristics of the special network.
The research results have been applied several times in the network of a certain department, which served as the project background. They indicate that the ICMS could detect an illegal computer and close its connection; the MDPMS could close the downloads of users who download more than the threshold and prevent protected files from being downloaded; and the MACMS could actively intercept I/O requests, implementing mandatory access control on Windows.
Keywords/Search Tags: illegal connection, malicious downloading, mandatory access control, Bell-LaPadula/Biba model, driver program