Based On Trusted Computing Within The Network Monitoring System

With the rapid development of computer network technology,internal network has been widely applied in all walks of life.The constantly expanding of network applications brings more and more security risks to information resources.How to refuse illegal network access, eliminate security risks from sources,how to effectively monitor and control the operation of the computers in the network,predict security risks in time,have become serious problems in the network security.Within the context of network security,study the trusted computing technology deeply,especially TNC. For clues to trusted root and transfer chain of trust,research and implement the integrity measurement in the network access control application,research and explore the application of trusted network thinking in the control of internal user behavior.Focused on the integrity measurement,put forward terminal access authentication model according to TNC. To access terminal as research subject,research hardware and software elements involved in the security and trust of terminal,establish a hierarchical model of integrity measurement with AHP, quantify the elements of integrity measurement,assess the overall security situation of the terminal. In order to adapt to the constantly changing of network environment,introduce the Bayesian network,assess the quantitative weight of measure element dynamiclly,enable the authentication model can change because of situation.Next,to the trust of user behavior as research subject,analyze the abnormal behavior detection base on comparison of behavior,focus on the comparison algorithm of behavior.On this basis,research and extend the Attack Tree modal,introduce the concepts of attack weight and attack progress,to behavior pattern matching as research subject,Put forward and design a behavior comparison algorithm according to extended Attack Tree model. The simulation results verify the effectiveness of the algorithm.Finally,design the general framework of internal network security system based on trusted computing. On the basis of researching WMI,design terminal measurement subsystem,achieve acquisition and quantification of terminal security elements,complete overall assessment of terminal.According to Bayesian network ,design and implement fixed module of quantitative weight.Finally,based on the actual deployment environment,test the measurement subsystem.The results show that the fixed module effectively improves the security and trust of access terminal, the expected goal has achieved.