Intelligence Platform Based On Site Security Threat Analysis

As the webifying in all fields of the business, more and more organizations, institutions and businesses construct their business online; meantime, endless web attacks could not be avoided accompanied by the progress and evolution of hacker technological. In such a situation, maximization of the online operation business online protection, ensure the critical business information safety, is a key research topic of network security industry.In this thesis thesis,the following work is performed based on the industry requirement:(1) On the basis of cloud-based architecture and distributed deployment, we designed internet protection platform based on security threat analysis, including the Web site protection, information center, security monitoring and security services.(2) We built a Web threat intelligence centers by means of cloud resources; We finalized web traffic protection through DNS resolution mechanism and reverse proxy mechanisms; Finally, benefit from data digging of intelligence p, we made exploration by correlation analysis Technology.(3) Based on practical application of the platform, we tested and inspected the function of each module, mainly focused on a detailed description of network-layer DDoS attack protection, application-layer DDoS attack protection and website acceleration.A domestic provincial government department has deployed this intelligence platform based on site security threat analysis. This cloud based platform architecture has a natural advantage to address the difficulty of the traditional security devices for Web attack protection, especially DDoS protections; for the administrator, with the threat intelligence mechanism, it provides the possibility to gain latest Web threats related events and respond incoming. Now the system is running stably and reliably and the desired goals are achieved.