| With the popularization of computer and the network,the efficiency of people liveand work have been greatly improved,but at the same time,it brings some negative effects.The network has become fertile land of viruses and Trojans,so physical isolation networkemerge as the times require. Mobile storage device is widely used in recent years because itis portable and plug and play, this has catch hackers’ eyes, and therefore Ferry Trojan arises.Due to the existence of Ferry Trojan, the internal network also becomes unsafe, excessiveoperation and misoperation of internal staff superadded, a protection scheme in a smallerrange is badly needed.Fistly, based on the idea of network boundary, this thesis puts forward the idea of hostboundary protection, and by means of enforcing the protection to internal host to ensure thesafety of internal data.On the basis of full analysis to the isolated internal network, thisthesis chooses mobile storage device and printer as monitoring objects.Secondly, to monitor mobile storage device, this thesis puts forward a two-wayprotection scheme. For the executable programs entering the host through mobile storagedevice and the documents are transfered out of the host though mobile storage device, thethesis designs the correspongding treatment measures respectively, and describes the twomeasures in detail.Finally, for the problem of information leakage from the printer, this thesis proposes astrategy based on content filtering, and do detailed descriptions to the process of monitoringprinter, the application of API intercept technology and the method of how to get andanslysis the spooling files,Through the protection of host boundary, we narrowed the protection scope ofsensitive information, through detecting and processing Ferry Trojan, we prevent itinfecting internal host, through filtering the data out of host, we prevent information leakagecaused by excessive operation, so we provide a full range of protection for internal host andinternal information. |
PDF Full Text Request