The Design And Implementation Of User Behavior Monitor System In Private Network

In the process of the development of information technology, Management information system is playing an increasingly important role. A lot of classified documents and commercial secrets stored in the system. The demand of the system is higher and higher. Although the information management systems are physical isolated between the private network and external network in the National security unit interior, this method can prevent the external attack, but can not prevent the internal attack. Throughout the domestic and foreign, Management systems are attacked and the information of the information management system is leaked by the users frequently, When information leaks occur, there is no test system to test the information system. After the leaks happened, Management is still not aware. A lot of researches have been done on the behavior trust of legal users at home and abroad, but there is little research on the application of the specific environment. Implementation of different management system user behavior monitoring has become an urgent problem to be solved in the enterprise, especially for the more strict confidentiality of national units and enterprises.On the basis of the above reasons and the demand of the CAEP, the thesis, focuses on detecting the attack behaviors with obvious features and monitoring user behavior. The detection methods of intrusion detection is studied and the user behavior trust is analysed. From the perspective of actual requirements and implementation, user attack detection and behavior monitoring system is designed and implemented.The requirement analysis, functional planning and module design are made from the point of view of the system monitoring service and system management, The detailed design and implementation technology of each module are elaborated. According to the characters of aggressive behavior and user behavior, the system mades the related attack detection rules and policy rules library. The system use the middleware and webservice technology. The object dependency injection and generating log are implemented by the DI and Aop technology of Spring. Filter technology is used to achieve user request data and Hibernate is used to achieve database persistence. JDBC is used to achieve database connection and the database is Oraclellg. MiniUI lightweight presentation layer controls is used to implement the management of a friendly and simple interface system.Finally, the build and the deployment of the system is completed. The function and performance of the system are tested. The feasibility of attack detection is verified by feature extraction. The security policy is used to monitor downloading and accessing behavior effectively. The advantages and disadvantages of the system are summarized and analyzed, and the future work.