网络安全研究现状概述

对网络安全的含义作了细致描述,介绍网络安全的基本要素和目标.简述影响了网络安全的因素,从系统自身的脆弱性和外界的攻击两方面来说明网络的不安全性;描述网络安全风险,同时分析网络安全管理平台的起因,最后对未来进行展望.     

计算机网络安全的思考

当今,网络技术比起以前有长足的发展,网络已经逐渐与人们的工作、生活相结合,同时网络安全问题也变得日益突出。为应付当前出现的各种网络安全问题,网络安全技术及软硬件设备层出不穷。     

试析网络安全与防范

随着计算机科学技术的发展,计算机网络已广泛用于经济、军事、教育等各个领域。因此,计算机的网络安全便成为涉及个人、单位、社会、国家信息安全的重大问题。如何保障网络信息的安全已成为当前人们迫在眉睫需要解决的问题。就造成计算机安全威胁的主要原因及一些防御措施提出一点粗浅的看法。     

网络安全管理平台的设计与实现

当今社会计算机和通讯技术得到了普遍应用,在经济和生活的各个领域计算机网络的应用正在迅速普及,整个社会越来越依赖于网络。政府、企事业单位、社会团体众多都在组建和发展自己的网络,并连接到Internet上,以实现网络信息和资源的共享。但伴随着计算机网络的广泛应用,各种各样的问题也逐渐暴露,其中安全问题尤为突出:非法访问、恶意攻击、计算机病毒等网络安全威胁越来越严重。面对严峻的安全问题,我们充分的认识到网络中不仅需要安全防护技术,更重要的是加强对网络的安全管理。网络技术的不断进步和认识的不断提高使得网络安全管理平台建设应运而生。     

计算机的网络安全威胁及防护

在这个信息大爆发的时代,人们的生活通过互联网向着更加开放自由的方向发展。但是有随之而来的问题便是网络安全。本文就网络安全的几种常见情况作了分析,针对怎样通过企业实际情况选择最合适的方案保障网络安全,以及怎么构建合理的企业安全网络防护作了相应的研究。     

计算机网络安全的管理与应用

随着科技的发展,计算机得到了快速发展,本文主要介绍了计算机网络安全的基本内容及其面临的网络攻击威胁情况,在分析这些问题的基础上,对此提出了一些建议。     

浅析气象网络安全

近几年来,随着气象信息对人们生产、生活作用的不断加大,它的安全也备受关注.从气象网络的概念、安全的必要性出发,逐一探讨了气象网络安全存在的问题,以及相关的解决措施.     

分析影响计算机网络安全的风险因素及对策

随着计算机的普及和网络在大众生活中的应用,网络安全越来越受到大众关注,并成为人们生活和工作顺畅与否的关键因素。计算机与网络的实际使用中,一系列风险因素的影响让网络安全受到威胁,而一些相对应的策略的提出,为维护网络安全提供了良好的保障。     

计算机网络安全建设方法及安全技术

随着计算机技术和通信技术的发展,计算机网络正变得日益重要,已经渗透到各行业的生产管理、经营管理等各个领域。因此,认清网络的脆弱性和存在的潜在威胁,并采取强有力的防范措施,对于保障计算机网络的安全、可靠、正常运行具有十分重要的意义。本文分析了对网络安全建设造成威胁的诸多原因,并在技术及管理方面提出了相应的防范对策。     

局域网网络安全研究

随着计算机网络的高速发展和普遍使用,计算机网络提供给我们生活各种资源的同时也存留了许多安全隐患,安全是网络正常运行的必要因素,当然不仅仅是一方面的安全,它还包括了网络信息的整体安全,所以,全方位保护是必须的。使用简单、高速快捷、多网合一、安全保密便是未来的网络技术的特点。如果按网络的组建规模和延伸范围来划分,计算机网络可分为局域网、城域网、广域网。文章就局域网技术在目前发展基础上,简要介绍局域网,分析当前局域网网络安全的形式和面临的种种威胁与问题,并且研究网络安全防范的具体措施和相关的技术,说明了当前在我们生活中局域网网络安全的重要性。     

当前网络安全形势与应急响应

随着互联网应用的迅速发展,各种网络安全威胁不断出现。本文介绍了网络安全所呈现的特点以及目前所面临的形势。攻击方法的更新、攻击技术的提升以及攻击范围的扩大给应急工作带来了考验。应急工作的管理现状存在一定的问题,在核心技术、安全保障方面都比较落后。借鉴传统领域的应急体系,改善当前应急技术措施成为网络安全工作的重要部分。针对新时期的网络安全应急工作环境,提出了调动体系力量,多方联动的消除方法,从体制和机制等方面来进行保证,以防止网络威胁产生的巨大影响。     

System Architecture and Key Technologies of Network Security Situation Awareness System YHSAS

Network Security Situation Awareness System YHSAS acquires, understands and displays the security factors which cause changes of network situation, and predicts the future development trend of these security factors. YHSAS is developed for national backbone network, large network operators, large enterprises and other large-scale network. This paper describes its architecture and key technologies: Network Security Oriented Total Factor Information Collection and High-Dimensional Vector Space Analysis, Knowledge Representation and Management of Super Large-Scale Network Security, Multi-Level, Multi-Granularity and Multi-Dimensional Network Security Index Construction Method, Multi-Mode and Multi-Granularity Network Security Situation Prediction Technology, and so on. The performance tests show that YHSAS has high real-time performance and accuracy in security situation analysis and trend prediction. The system meets the demands of analysis and prediction for large-scale network security situation.     

网络化时代包装企业的网络安全

分析了当前包装企业加强网络安全工作的必要性，并给出了相应的网络安全策略。     

The Program Research on Security Programs Before Flight Based on Single Code Network Plan

The civil aviation industry has made rapid development with the continuous growth of China＇s economy. At the same time ,the airline companies buy more and more civil aircrafts.This phenomenon will lead to a big flying density ,which will make airport management become more complex.This paper first introduces the characteristic of security programs before flight and the single code network plan, and then put the security programs before flight into the single code network plan to find out the key route and calculate the guarantee period. Finally, we analyse the programs according to the guarantee period and critical route.It not only provides a support for administrator, but also we present a reasonable methods to reduce the guarantee period.     

Ameliorate Security by Introducing Security Server in Software Defined Network

Software Defined Network (SDN) deals with huge data processing units which possess network management. However, due to centralization behavior ensuring security in SDN is the major concern. In this work to ensure security, a security server has been at its aid to check the vulnerability of the networks and to keep an eye on the packet according to the screening policies. A Secure Shell Connection (SSH) is established by the security server which does a frequent inspection of the network’s logs. Malware detection and the Intrusion Detection System policies are also incorporated in the server for the effective scanning of the packets. In response to a suspicious log or the packets in the SDN network there is a change in the security norms. Hence the proposed work updates the security policies in accordance with the attacker mentality.     

政府联网计算机终端安全标准研究

本文针对政府部门联网计算机终端安全保障的需求,探讨了政府联网计算机终端安全保障标准体系的组成,提出了《政府联网计算机终端安全基本要求》国家标准的定位和框架结构。     

MIS系统安全登录中加密技术的应用研究

针对当前MIS系统登录方式在安全方面的问题和不足，分析了加密技术在数据库中应用的特殊性及加密算法特别是DES算法的特点。根据《铁道货币资金结算和管理系统》（RFS MIS）的安全需求，利用数据库的安全机制，设计了在双层用户角色模式下，应用3DES算法加密用户登录信息的安全登录验证机制；并详细论述了其在RFS MIS系统中的具体实现过程。     

网络安全侦测技术研究

在分析网络安全侦测的基本原理基础上，设计实现了对IP数据包包头和包内容的分析处理，可以完成对网络安全状况进行分析、判断、统计、报警等功能。实现在不影响网络流量的情况下对IP数据包进行截收和分析处理、对特罗伊木马等特殊端口危险数据包报警以及对包内容设置敏感词库报警。     

MSICST: Multiple-Scenario Industrial Control System Testbed for Security Research

A security testbed is an important aspect of Industrial Control System (ICS) security research. However, existing testbeds still have many problems in that they cannot fully simulate enterprise networks and ICS attacks. This paper presents a Multiple-Scenario Industrial Control System Testbed (MSICST), a hardware-in-the-loop ICS testbed for security research. The testbed contains four typical process scenarios: thermal power plant, rail transit, smart grid, and intelligent manufacturing. We use a combination of actual physical equipment and software simulations to build the process scenario sand table and use real hardware and software to build the control systems, demilitarized zone, and enterprise zone networks. According to the ICS cyber kill chain, the attacker is modeled, and two typical attack scenarios are constructed in the testbed. Through research into this security solution, whitelist-based host protection and a new Intrusion Detection System (IDS) are proposed and tested.     

A New Model for Network Security Situation Assessment of the Industrial Internet

To address the problem of network security situation assessment in the Industrial Internet, this paper adopts the evidential reasoning (ER)algorithm and belief rule base (BRB) method to establish an assessment model. First, this paper analyzes the influencing factors of the Industrial Internet and selects evaluation indicators that contain not only quantitative data but also qualitative knowledge. Second, the evaluation indicators are fused with expert knowledge and the ER algorithm. According to the fusion results, a network security situation assessment model of the Industrial Internet based on the ER and BRB method is established, and the projection covariance matrix adaptive evolution strategy (P-CMA-ES) is used to optimize the model parameters. This method can not only utilize semiquantitative information effectively but also use more uncertain information and prevent the problem of combinatorial explosion. Moreover, it solves the problem of the uncertainty of expert knowledge and overcomes the problem of low modeling accuracy caused by insufficient data. Finally, a network security situation assessment case of the Industrial Internet is analyzed to verify the effectiveness and superiority of the method. The research results show that this method has strong applicability to the network security situation assessment of complex Industrial Internet systems. It can accurately reflect the actual network security situation of Industrial Internet systems and provide safe and reliable suggestions for network administrators to take timely countermeasures, thereby improving the risk monitoring and emergency response capabilities of the Industrial Internet.