信息网络安全 信息学院 软件技术 *** ********** 信息A1111班
Abstract
With the development of modern network information technology, computer network has become an indispensable part of people's life and work. People become increasingly dependent on the network, information security becomes more and more prominent, large amounts of information stored in the network, may be illegal intrusion at any time, there is a serious security risks. Therefore, the information security of computer network becomes more and more important. This paper introduces the present situation of network information security and protection measures.
Keywords: computer network, information security, current situation, protection measures
Contents
Contents ............................................................................................................................1 First Network information security .......................................................................... 1
1.1 Overview of network information security ..........................................................1 1.2 Five characteristics of network information security ...........................................1
Second The current situation of the network information security ........2
2.1 Network threat diversified ...................................................................................2 2.2 At present, the network security vulnerability is high .........................................3 2.3 Diversity transmission of the virus in the form of ...............................................3 2.4 Bot net is increasing .............................................................................................3 2.5 Now the rogue software is more and more, disturbs the order of network ..........3 2.6 Network information security awareness of the whole society is weak ..............4
Third The protection of network information security ...............................4
3.1 Firewall technology .............................................................................................4 3.2 Data encryption technology .................................................................................4 3.3 Intrusion Detection Technology ...........................................................................5 3.4 Virus protection ....................................................................................................5 3.5 The identity authentication technology ................................................................5
summarize........................................................................................................................7 References ........................................................................................................................8
First Network information security 1.1 Overview of network information security
Information security is refers to the safety protection and taken to establish the information processing system of the technology and the management, in order to achieve electronic information confidentiality, integrity, availability, controllability and non-repudiation. In the information age, the computer network has become an indispensable tool for information exchange. However, because the computer network is open, interconnected, various connection methods and terminal distribution inhomogeneity, plus technical weaknesses itself and human negligence, resulting in the network is susceptible to computer viruses, hackers and malicious software. In the face of threats of invasion of network security, must consider the security of information this critical problem.
The security of network information is divided into two levels of network security and information security. Network security including system security, namely hardware platform, operating system, application software; operation service security, which ensures continuity, high efficiency service. Information security mainly refers to data security, including data encryption, backup, procedures etc.
1.2 Five characteristics of network information security
(1)completeness
The information exchange, in the transmission, storage and processing remain unmodified, non destructive and non loss property, maintain information as is, so that information can be generated correctly, storage, transmission, this is the most basic security features. (2)Confidentiality
The information is not leaked to the person, or entity unauthorized process according to the given requirements, or provide the advantage of features, which put an end to the useful information leaked to unauthorized individuals or entities, emphasizing the useful information only authorized feature objects use.
(3)serviceability
Refers to the network of information authorized entities can properly access, and
1
normal use or can recover the use of features in abnormal conditions according to the requirements, which can correctly access the required information in the operation of the system, when the system is under attack or failure, can quickly recover and put into use. Usability is a security measure of network performance of the user oriented information system.
(4)non repudiation
The both sides of communication in the information interaction process, make sure the participants themselves, as well as provide participants with information true identity, that all participants can not be denied or deny my true identity, and provide information on the original and complete the operation and commitment.
(5)controllability
Refer to information dissemination of the circulation in the network system and
specific content can realize effective control, namely any information network system should be controlled in a certain range and storage space. In addition to the conventional communication and dissemination of the contents of this form of site monitoring, the most typical example password managed policy, when the encryption algorithm by third party management, must be strictly in accordance with the provisions of the controllable execution.
Second The current situation of the network information security
The network information technology development in China compared with that in developed countries, started late, backward technology, lack of talents, which leads to safety in network information in China is relatively fragile stage. But the network information security problem is still outstanding, harm and loss caused can not be ignored.
2.1 Network threat diversified
In recent years, the network threat diversified, the biggest temptation and network attack is the economic interest. Network attack organized, specific goal and behavior tendency has already become a major trend of current network attack. Network deception constantly upgrading, in the current network deception exists everywhere in blackmail software, net swims pilfer date and net silver-colored pilfer date trojan, shows some
2
lawless elements of network attack is driven by economic interests. In addition, some hackers are combined to form a group or organization, in the network attack, the internal personnel have a clear division of labor, making malicious code or even destructive virus, spread the code so as to obtain the required information to achieve the attack. Network attacks have been from the initial interest in network technology to the illegal gain economic benefits in the direction of change.
2.2 At present, the network security vulnerability is high
Is often old vulnerabilities are managers or network technology personnel repair, new security vulnerabilities, the more serious hazards arise. What is more, some hackers or network technology researchers found new security vulnerabilities, does not immediately released, but their use, until the time comes, was released. On the other hand, is managers do not have time to upgrade and maintenance of the network system, to create security vulnerabilities.
2.3 Diversity transmission of the virus in the form of
Now the virus's function is more and more powerful, concealment and self-protection ability is more and more advanced, so that it can be and mobile devices for communication continuously through the network system. Relying on the e-mail to the spread of the virus by traditional means is not commonly used, hackers often use network security vulnerability hang virus on the site, and then allows the user to attack or virus.
2.4 Bot net is increasing
A bot net is a new term appeared in recent years, mainly refers to the hacker control a large number of computers on the network, and use the computer network attack to attack the formation of large-scale network. Bot net great harm, on one hand, it is difficult to detect bot net behind the scenes; on the other hand, the bot net attack, speed, obvious effect, can be in a few minutes or even seconds of time to let the other side network paralysis.
2.5 Now the rogue software is more and more, disturbs the order of network
Rogue software refers to those who provide the normal function of the software, but in the installation or download time without the user's consent to install or upload some
3
files. This software can do not to know when the user imperceptibly, causing substantial risk to the user. Typically there is thunder, QQ real-time chat tools and some of the players.
2.6 Network information security awareness of the whole society is weak
At present, although the society often stressed the need to improve information security awareness, but not to its application to practical problems. We know that, in the event of network attack is still the network management is not in place or negligence, the computer system of many enterprises and companies don't even fortification. Some even have a security service system of professional, but in use after a period of time, found not so, free, who changes to security policy, cause the threat to network security mismanagement. These are not strong awareness of network security caused, and this situation in the present society is still widespread.
Third The protection of network information security
Although the computer network information security is threatened, however, take appropriate protective measures can effectively protect the security of network information. So the network information security protection measures is essential to this, we used several protection technology are analyzed.
3.1 Firewall technology
The firewall is not a panacea, but is essential for network security. It is located between the two network barrier, one side is the internal network (trusted network), the other side is the external network (not trusted network). The system administrator firewall according to predefined rules to control the import data packet.
Most firewalls use one or more of the three mode of operation: the use of a filter to check the data packet source and destination; according to the provisions of the system administrator to accept and reject packets, scanning data packet, search and application of relevant data; in the network layer packets of data mode check known, to see whether the \"friendly\" packet mode.
3.2 Data encryption technology
4
Data encryption is the most basic safety network, mainly to ensure the safety of the data encryption of the information in the network. Encryption is a technique for data transmission on the network access to strengthen restrictions. The original data is encrypted equipment and key encryption and the encoded data is referred to as the ciphertext. Decryption is the reverse process of encryption, is to restore the original plaintext ciphertext decryption, but must use the same type of encryption devices and key, can decrypt the ciphertext.
3.3 Intrusion Detection Technology
Intrusion detection system is to collect information from a variety of computer system and network system, the analysis of information on the computer and cyber source, malicious acts of network information security system identification. Intrusion detection system has many functions: deterrence, detection, response, damage assessment, attack prediction and prosecution support. Intrusion detection technology is to ensure the security of computer information systems design and configuration of a can discover and report unauthorized or system anomalies technology, which is used for a breach of security strategy behavior detection in computer network technology.
3.4 Virus protection
A reasonable set of antivirus software, if installed antivirus software has to scan email functions, these functions will be fully opened to;Regular inspection of sensitive documents;Take the virus detection and monitoring measures necessary;To buy the new hard disk, floppy disk, software and other resources, should first use of virus test software to check for known viruses before use, the hard disk can use low-level formatting;Wary of email attachments, if you receive mail in the executable file or with the \"macro\" kill again, make sure no open after the virus;Upgrade in time the mail program and operating system, with all known security vulnerabilities repair.
3.5 The identity authentication technology
Identity authentication is the verification process system user identity, its essence is to find out whether the user has requested resource storage use right. Identification (Identification) refers to the process of the user to the system to produce their identity. The two work is often referred to as the identity authentication. Identity authentication should include at least the protocol verification and authorization protocol. All kinds of
5
application and the computer system in the network through the identity authentication to confirm the legitimacy, and then determine the personal data and its specific permissions. The identity authentication system, a legitimate user's identity is easy to be pretending to be its most important technical index. The identity of the user is to not only may damage the user's own interests, but also may damage the interests of other users or the entire system. Therefore, identity authentication is the basis of authorization control. Only valid identity authentication, to ensure the effective implementation of access control, security audit, intrusion prevention security mechanism.
6
summarize
In recent years, the computer network is more and more popular, in the era of the digital economy made a great role in promoting, network information security has received more attention. At present, the network information security also has the very big hidden trouble, there are a lot of problems in the real life, nor a moment will be able to solve the. Network information security is not a simple technical problems, but also relates to the management problems. Its development needs the joint efforts of the whole society, to improve the safety of the network through a variety of measures and publicity and education. In the age of technology development, the network security technology will gradually progress and development, the hidden dangers and problems will be solved gradually, the network environment will also become more and more perfect and safe.
7
References
[1] Hu Weijian. Network security and confidentiality. Xi'an: Xi'an Electronic and Science University, 2003
[2] Wang Yu, Yan Hui. Information security technology. Beijing: National Defence Industry Press, 2010
[3] Wang Lina. Introduction to information security. Wuhan: Wuhan University press, 2008
[4] Zhao Lei, Fu Xiao, Liu Jin. Network of information security risks and preventive strategy of.2011.
[5] Liu Sufen. Current status and protection strategy of network information security. Electromechanical product development and innovation of.2012.
[6] Xu Tao. The analysis of network security architecture and design principles. Computer knowledge and technology, 2009
[7] Liu Yangfu. The computer network security and virus prevention. Hainan Province Institute of Communications Conference papers, 2008
8
9
因篇幅问题不能全部显示,请点此查看更多更全内容
Copyright © 2019- oldu.cn 版权所有 浙ICP备2024123271号-1
违法及侵权请联系:TEL:199 1889 7713 E-MAIL:2724546146@qq.com
本站由北京市万商天勤律师事务所王兴未律师提供法律服务