Design And Implementation Of The Exchange For The Isolation Of Application Data Stream Detection System

The birth of the Internet is a computer technology that is very great change achievement,Based on extensive research and development and use of network applications is greatly changed people's lives and promote the development of society.Especially Web-based applications has greatly changed the way people communicate information and share files.At the same time,Network security issues are also emerging,The complexity of network security issues than in the past has been greatly raised,A huge challenge for the network security.Network isolation switching systems provide a way to network and external data security gateway exchange.However,the current system is based only on isolated switching addresses,Protocol and user identity exchange control,Applications can not be checked and controlled.Due to the current terminal security issues have become increasingly prominent,Unauthorized application software for data access across the network can cause information security problems.Therefore,the legality of cross-network exchange of application software detects a problem worthy of study.Thesis analyzes the network isolation switching technology,Isolation switching systems architecture,Proxy technology and streaming content inspection technology in-depth analysis,Point out shortcomings,Explain the necessity of the application data stream detection technology.Paper proposes architecture for application data stream detected isolated exchange.Applications for authorization issued by the management control system features,Exchange agent for application data stream detection and feature package,Isolation exchange designed according to published authorization application characteristics of the data stream is detected.From the perspective of a credible program complete,Proposed a software application integrity monitoring network data stream switching agent based,The technology is primarily all packets sent by the terminal,By switching agents interception,And by finding the intercepted packets and port information transmission protocol information,And then look for the target application,Abstract application of unique documents as invariant features.Proposed multi-SHA-1 digest calculation algorithm to quickly implement applications.Made for isolation switching exchange agent software design,As well as data encapsulation and processes.And we completed the exchange agent prototyping in the framework of a Windows-based NDIS,Acquisition and testing to achieve the uniqueness of the application source files.Finally,this article design to build a test lab environment,Prototype system designed for performance testing,Experimental data obtained by test results that Verify the feasibility of the proposed technology and reliability.