| Intranet security has never drawn people's attention of its importance. The case which leads to this situation is that in comparison to viruses and Trojans, which occur in Internet for the most part, intranet security seems not so vital as them, nor is the harm they bring in. Nevertheless, actually, intranet information leakage has caused more tremendous losses both of economy and information. What's more, the abuse of resources and even the attacks launched by the internal staff have held a larger proportion of all the intranet threatens. Therefore, the guarantee of intranet security is essential to the companies and government departments, which is also the essence and motivation of the paper.Firstly, this paper introduces the background and significance of network security system, and analyzes the key technologies involved in the process of Intranet Security Management system. Then, we design the overall framework of the intranet security management system and the integrated structure of the main function module.Next, the main functions of the network security management system module is achieved. The specific work includes:(1)the communication module actualizes the rules for the information interaction between monitoring agent and monitoring center, and unifies the analysis of both sides communication data's meaning; it actualizes the concurrent processing model of monitoring center based on the multiple threads and queue, and by setting the amount of signal, actualizes the synchronous between monitor thread and work thread, mutual exclusion among work threads and controllability of monitoring agent data transmission. (2)The data management module actualizes the data management scheme of write delay combined with timer, and eases frequently write operation on the disk during the data storage process through periodic data operation. (3)The illegal Extra-Connection supervisory module integrates dual mode and proxy mode, which is the traditional solution for the problem, to actualize the illegal Extra-Connection supervisory of integrated type scheme. It also monitors the illegal Extra-Connection actions of breaking the connection of monitoring host and network artificially, and reduces the rate of failed or false reporting of illegal Extra-Connection behavior. (4) In the sensitive file access monitoring module, we actualizes the program of creating sensitive files set based on inverted index. Compared with using string matching to seek sensitive documents, it improves the efficiency of function realization. (5)In the remote screen scraping module, it actualizes the image transmission program based on color filtering, grid, xor and selective and blocking transmission. The color filtering actualizes color merging and palette rebuilding to filter color data. The image block actualizes partitioning scheme by the way of experimenting, and adopt xor as the way of deciding if the image has changed. What's more, it also determines whether to compress the image based on the scale of the image changing by the way of experimenting. The image compression actualizes the Deflate algorithm for image compression and decompression model, so as to achieve the data's smooth transmission in local area network environment.Finally, the practical operational examples show that the system has good practicability and popularization. |
PDF Full Text Request