Control And Management Of Linkage Protection Based On Security Gateway

The space-ground integration information network has the features of high coverage that is difficult to achieve with traditional network architecture,stable signal,and small influence on terrain.However,it faces more network security issues because of its complexity.The traditional network security defense mechanism and attack detection methods are mostly arranged on the attacked party,and the defense means is rare,which is difficult to cope with the complex environment of the space-ground integration information network.Even if these defense mechanisms can effectively protect the security of the target being attacked,some attacks that consume a lot of network resources will still cause great waste to the precious resources of the space-ground integration information network.Linkage protection control technology can realize the centralized management and the control of network resources,and achieve more comprehensive network defense by controlling network devices.A network security defense system based on linkage protection control and management technology is designed for the security flaws of the space-ground integration information network.Aiming at the lack of management and control of network resources in traditional defense systems,only focusing on the security of attack targets,designed a close threat source attack blocking method based on the control of security gateway,and a gateway load calculation method based on EWMA is implemented.The system is divided into two parts:the linkage protection control main system and the subsystem.The linkage protection control subsystem is arranged on the security gateway.Through the data collection and delivery instructions,the security gateway is controlled and managed.The linkage protection control main system realizes the linkage management and control of the entire network security gateway through centralized control of the subsystem.An attack blocking device selection policy is designed to block the attack on the network device,which is the closest to the attack source to implement intelligent matching between the blocking node and the blocking policy.In this way,it can protect the network resources of the space-ground integration information network with an extreme excellence.The design and implementation of the linkage protection and control system are verified by experiments.In the case of deploying other defense systems and linkage protection control systems,the network is attacked at the same level.From the traffic changes on the security gateway,it can be observed that under the same situation,the network which has linkage protection control system,the attack traffic is greatly reduced,and its resources are better protected as well.