Study And The Realization Of Synergy Based On The Distribution Of Large-scale Network Monitoring And Security, Security System

With the development of network technologies and deepening of network applications, network security problems are more and more serious. The new trend of network security is that network attacks appear distributed and dynamic, but typical solutions are focused on local detection and defense. In addition, although there exist many network security components, such as firewalls, routers, and intrusion detection systems, etc., there lack necessary communications and cooperation among them, so it is very difficult that typical solutions efficiently safeguard entire network from globality. Therefore, it is necessary and urgent to investigate and work out new network safeguard technologies that are competent for distributed detection and cooperative work.As a mainstream technology in the distributed object computing, CORBA has many advantages in distributed applications, such as, independence of platform, independence of implementation language. Thus it can conveniently be used to integrate the existing software in different network environments. Through CORBA, distributed objects can interact each other in a very simple way, which they don't need to deal with the tedious lower level network communication details. Cooperative technology is another mainstream technology in the distributed computing. Through cooperative technology, we can make variant network components to cooperative work for safeguarding our network. So through these two technologies, we may build a distributed cooperative detection and security protection system in large-scale network, which is competent for distributed detection, cooperative work and dynamic protection.Based on analysis of network security and network applications, the paper emphatically discuss necessity and feasibility on applying CORBA technology and cooperative technology to safeguard network. The distributed cooperative detection and security protection system model in large-scale network, DCDS, is proposed. Several key issues in DCDS, for example, object interaction, group communication, cooperative data analysis and cooperative response are discussed in detail. At last, weapply DCDS model to five applications, distributed attack, network probe, file recovery and load balance, are experimented and investigated. The initial results of our experimenting show that our DCDS model and implementations are effective and feasible in practice.The paper is finished under the background of a project sponsored by nation, which is top-secret and have been tested and accepted by national network security management center.