
Malware Protection System Within the Network Based on NAC: Design and Implementation

Posted on: 2012-04-28
Degree: Master
Type: Thesis
Country: China
Candidate: Y N Huang
GTID: 2208330332486692
Subject: Computer application technology

Abstract/Summary:
With the advent of the information age and the rapid development of computer science, local network security has become a key constraint on the progress of technology construction. Many information-security management products exist today, both domestic and foreign. Their functionality is already fairly complete, but they still do not match the actual requirements of local network security because of cost, speed and a lack of security research. We urgently need software, built on a deep framework and technology, that responds well to the current environment within the network and largely solves the problems we face.

The malware protection system for the local network is built on the current NAC framework. It makes full use of NAC's network isolation and extends the meaning of NAC by deploying security software on the nodes. Beyond authentication beforehand, control during an event and record keeping afterwards, it adds protection after a security incident has occurred.

At present, many popular security technologies analyze API calling sequences to examine a process dynamically, so that hostile actions can be brought under real-time control at their initial stage. Current analysis techniques, however, either compare abnormal sequences against an exhaustive set of normal call sequences, or use an algorithm (such as MCM) to extract key sequence fragments and reduce the workload without reducing effective protection. This approach runs into great trouble in operation: the set of normal sequences is almost endless, so exhausting it is basically impossible. Furthermore, because the number of normal sequences is huge, the comparison is very time-consuming, which slows the verdict and constrains software performance.

The improvement proposed here replaces the normal function calling sequence with the calling source, and confirms the calling source instead of the calling sequence. In a system with a finite number of functional modules, this is a good solution to the problem.

For local network security, protecting and monitoring network traffic is an obvious approach. But validating the integrity of the data flowing through the network along the way is of great significance to protecting data security within the network. The traffic control discussed in this thesis is aimed at the safety of each process's data traffic: it verifies data integrity by comparing the amount of data intercepted by the flow controller at the NDIS layer with the amount of data preset for the application. In this way the outflow of critical data is prevented: when the current process has been hijacked, its data is stopped as it is being sent, which prevents the machine's key information from being sent out to the network illegally through legitimate means after an incident. This gives the system basic security protection, unlike previous security systems, where the machine's information is completely exposed once the system is compromised. The flow control in this thesis differs from the traditional kind: it does not concern the delivery rate on the communication link, but statistics on the data sent by network-related processes, in order to prevent critical data loss through a hijacked process that already has an established connection.
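The calling-source check described in the abstract can be sketched as follows. This is an added illustration, not code from the thesis: it assumes the monitor sees the return address of each intercepted API call and knows the process's loaded-module map, and the module names, addresses and allowlist are constructed.

```python
from bisect import bisect_right
from typing import NamedTuple, Optional


class Module(NamedTuple):
    name: str
    base: int   # load address
    size: int   # image size in bytes


# Constructed module map of one monitored process (names/addresses are made up).
MODULES = sorted(
    [Module("app.exe", 0x00400000, 0x80000),
     Module("netcore.dll", 0x10000000, 0x40000),
     Module("updater.dll", 0x20000000, 0x20000)],
    key=lambda m: m.base,
)
BASES = [m.base for m in MODULES]

# Constructed policy: the finite set of modules allowed to originate each API.
ALLOWED_SOURCES = {
    "send": {"netcore.dll"},
    "CreateFile": {"app.exe", "updater.dll"},
    "CreateProcess": {"updater.dll"},
}


def resolve_source(return_addr: int) -> Optional[str]:
    """Map a caller's return address to the module that contains it."""
    i = bisect_right(BASES, return_addr) - 1
    if i < 0:
        return None
    m = MODULES[i]
    return m.name if return_addr < m.base + m.size else None


def check_call(api: str, return_addr: int) -> str:
    """Verdict for one intercepted call, decided by its source alone."""
    source = resolve_source(return_addr)
    if source is None:
        # e.g. code running from heap or stack memory, outside every module
        return "deny:unknown-source"
    if source not in ALLOWED_SOURCES.get(api, set()):
        return "deny:source-not-permitted"
    return "allow"


if __name__ == "__main__":
    for api, addr in [("send", 0x10001234), ("send", 0x00401000),
                      ("CreateProcess", 0x7FFE0000), ("send", 0x10040000)]:
        print(f"{api:<14}{addr:#010x}  {check_call(api, addr)}")
```

Each verdict costs one binary search over the module list plus a set lookup, so the cost depends on the number of modules rather than on the number of normal call sequences.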
Keywords/Search Tags:local network security, NAC, called fingerprinting, traffic control