Design And Implementation Of User Behavior Security Early Warning Analysis System Based On Secret Level Matrix

With the continuous advancement of information security construction in military enterprises,most military enterprises have formed a complete and effective information security protection system in accordance with the national grading protection requirements,which provides security protection on physical security,operation security,information security and confidentiality management,etc.Although the current information security protection system has enhanced the robustness of secret-related networks which has effectively prevented hackers and other internal and external attacks to a certain extent,the protection against internal personnel is slightly insufficient.A number of network security incidents at home and abroad in recent years indicate that 70% of the leakage incidents are due to negligent breaches of confidentiality caused by insufficient fine-grained access control of internal personnel,and this proportion is still on the rise.Therefore,the threat caused by the negligence of an internal staff is far more than that of a first-class hacker.The main content of this article comes from the secret-related military industry.The users in the enterprise intranet are both the initiator and the receiver of the information.According to the special requirements of classified protection of information security of the enterprise,due to the different degree of confidentiality and the range of knowledge of users,the security level of IT equipment,application system and information access are all have strict and special requirements.In order to dig out and discover the various user behavior rules presented in the network,and make correct evaluations and corresponding treatments on them,in the enterprise intranet according to the aspects of user's confidentiality degree,the scope of user's knowledge,the confidentiality of the used IT equipment,the security level of the application system user visit,and the security level of the accessed information,we establish the user network access behavior confidential level matrix algorithm model to realize the early warning and analysis of user access throughout the network,and finally achieve intelligent,automated,and informatized real-time discovery of users whether the behavior meets the confidentiality requirements of corporate information security.Therefore,the purpose of this paper is to design and realize whether the user's network behavior is not in compliance with the requirements of information security classification protection,and to early warn and hand them in time.At present,the research results of this paper have been successfully applied to the full path analysis and early warning of user behavior in a military enterprise's secret-related network.Practice has proved that through the secret level matrix algorithm model of this paper,the unauthorized access of users,high-density low-flow,low-density output and other behaviors in the secret-related network can be detected and early warned in a timely manner which can effectively prevent the occurrence of leakage events caused by the negligent behavior of internal personnel.