| As Internet grows more and more rapidly, the computer network is becoming the basis and lifeline of nation economy development, which causes the entire world more and more relies on network. Network security issues, however, stand out along with the rapid development of computer network. With the backdrop, the Network Security Foundation Lab of UESTC began to research network security technology. Our project is basic condition platform construction project of the national science and technology of the Ministry of Science and Technology. This paper researches the security audit techniques which watch and track actions in network information systems, and develops audit tool software. On the base of technology research, we will constitute technology standards that have own intelligence property, so that we could enhance network recovery capability to protect important computer information systems. This paper mainly researches distributed security audit techniques: 1. We introduce the concepts of log and audit, and then expound the pivotal techniques of distributed security audit——normative expressing audit data, collecting audit data, storing audit data in security. 2. The paper focuses on how to store audit data in security, and analyze correlative problems and solution. 3. We bring forth the aim of distributed security audit demonstration system, and design the system from architecture, logic model, communication protocol, system security and other aspects. And more, we expound the design of log management module amply. Finally, the paper sums up the writer's work and describes the farther work. |
PDF Full Text Request