Research Of Server Defense System Based On Proactive Multi-Security

In the world today, with the rapid development of information technology and network application, information security has been a worldwide concerned problem. Network Server, as the carrier of network service, there are plenty of network data resources. the current number of attacks against the server are massive growth. However, the traditional hardware firewalls, intrusion detection software provides only the network layer protection, lack the kernel layer and application layer protection. It is difficult to adapt the development needs of network security. Explore and exploit of Server Defense System Based on Proactive multi-Security will be an efficient way to solve this problem.This paper describes the theory and technology of Server Defense System first, and researched the SDS structure. In this paper Active Defense Mechanism, Privileged User Access Control Mechanism, Web Application Firewall and Page Anti-tamper Mechanism are designed, they are all based on SDS. In the final of the paper the software are implemented and tested. The detailed work is shown as following:1. For the current anti-virus programs, that depend on the virus database, can only killing the known virus. We design a new SDS Active Defense Mechanism which not depend on the virus database. The mechanism based on default rules to allow the normal operation and stop the harm operation to achieve the purpose of computer system protection.2. Windows system is a multi-user, multi-tasking system. Different users in same computer have different permissions. Once the permissions are set incorrectly, will cause the system and application run error. To solve this problem, we designed a Privileged User Access Control Mechanism. The mechanism minimize their privileges, and through a closed kernel to defense the known and unknown viruses.3. The traditional hardware firewalls and intrusion detection software provides only the network layer protection, lack the kernel layer and application layer protection. To solve this problem, we designed a Web Application Firewall. The firewall through a series HTTP/HTTPS security policy to defend the attacks from the application layer, thus ensuring the legitimacy and security of all kinds of requests from the application layer.4. For the current web page anti-tampering attacks, we designed a Page Anti-tamper Mechanism. The mechanism use mandatory access control policy of the process and file system to achieve page anti-tamper features. And also use product file management tools to achieve file upload and download. The mechanism greatly reduces the difficulty and cost of products.