| In recent years, network technology has grown more complex as it has developed. Universities have built relatively complete campus network architectures through vigorous digital construction. However, because of security problems, university campus networks have been attacked repeatedly and have suffered large losses, so building secure and reliable campus networks is urgent. Following current trends in network security, this thesis studies the common security problems faced by campus networks. The main work is as follows: (1) A three-dimensional defense concept is put forward, covering a series of security measures from VLAN partitioning during network construction to border network deployment, internal network deployment, data center deployment, network access security, and exit security. (2) To address the main problems in intrusion detection, an improved scheme is developed that takes the K-Means algorithm as the basis for optimizing the intrusion detection method; it also addresses the difficulty of determining the number of clusters and the clustering algorithm's sensitivity to outliers and noise. The new intrusion detection algorithm KMFP, which combines the optimized intrusion detection method with the association rule mining algorithm FP-Growth, is used in the system model to address insufficient real-time detection, a low detection rate, and a high error rate. A feature selection algorithm selects the best attributes to improve the efficiency of the integrated intrusion detection. (3) Firewall and intrusion detection are used together to strengthen security defense. Based on in-depth study and analysis of existing linkage models, and combining their advantages while considering the reliability, ease of use, and scalability of the linkage system, the FIDL (Firewall and Intrusion Detection Linkage) model between the firewall and intrusion detection is designed and implemented. Using the KDD-Cup99 data source as experimental data, simulation results show that the intrusion detection method proposed in this thesis can ensure detection efficiency and reduce the system's false alarm rate. |