返回 政治论文 首页
Research on Computer Network Security and Protection

  Abstract: This paper is mainly discuss the security of network, through the analysis of the threat to network information security factors, and then puts forward five kinds of common computer network information security protection strategy, and discusses the application that how to choose and coordinate all kinds of network security technology. At the same time, aiming at the security problem of network information system designs a set of solutions to the problem.
  Keywords: Network information security; security threats; preventive measures; information security;
  0 Introductions
  With the wide application and development of information technology and Internet technology, the Internet has become an indispensable part of life, people is increasing on the information demand and dependence of network system. At the same time, the network security threats are becoming more and more serious. Therefore, analyze the causes of network security, and puts forward relevant countermeasures to protect the security of network is becoming more and more important. Internet’s openness and other factors cause has many security hidden troubles of the computer system under network environment. In order to solve these security problems, security mechanism, a variety of security policy and network security tool is developed and applied to the people.
  Network information security is a comprehensive discipline involving computer science, network technology, communication technology, cryptography, information security technology, applied mathematics, number theory, information theory and other disciplines. It mainly refers to the data protection network system hardware, software and its system; that do not suffer accidental or malicious reasons destruction, change and leak, to ensure continuous and reliable system in normal operation, the network service interruption [2].
  1 The main attack method of computer network
  Network attacks or intrusion refers to the use of the system (host or network) security vulnerabilities, sneaked into another system, eavesdropping, tampering, add or delete information behavior. With the rapid development of computer technology, the means and methods of network attacks and intrusions of hackers are constantly updated. As shown in figure 1.
  1. Password invasion: The so-called password invasion refers to use some software to have being encrypted password file, but many hackers have adopted a bypass or shielding password protection program to complete this work.   2. Use the loopholes of software “back door” intrusion: mentioned in many software systems have such security holes (Bugs), some of which are operating system or application software itself has. Most of the attacks will success or use the software system itself loopholes.
  3: network monitoring: network monitoring is a work mode of the host, in this mode; the host can receive all the information on the network transmission in the same physical channel, regardless of the information of the sender and recipient who is.
  4. Denial of service attack: a denial of service attack is that an attacker get the target machine to stop providing services, is one of the common means of attack. A small part of the network bandwidth consumption attack is a denial of service attack, as long as they can cause problems for the target, so that some services are suspended or even host death, belongs to a denial of service attack.
  Denial of service attack problem has no reasonable solution, the reason is because this is caused by the deficiency of network protocol itself, and denial of service attacks have become the ultimate skill attacker. The attacker was a denial of service attack, actually let the server to achieve two effects: one is forcing the server buffer full, does not receive the new request; two is the use of IP spoofing, forcing the server to connect reset legitimate users, connections affect the legitimate user.
  5. Masked IP attack: It refers to an illegal host fake internal host IP address for the server, “trust”, so as to achieve the purpose of network attack.
  6 Trojan viruses: Troy is an illegal procedure contained in the legal procedure. The illegal procedure executed by the user unknowingly, General Trojan has client and server two executive programs, where the client is used for an attacker to remotely control the Trojan machine, the server program is a Trojan horse program.
  The attacker attack your system through the Trojan horse, the first step is doing that put the server program Trojan horse to your computer. Trojan horse can also through the Script, ActiveX and Asp, Cgi interactive script mode. In the implanted Trojan attack after the host, it is usually through a certain way to invade the host information, such as sender IP address, Trojan host port to an attacker, so the attacker has these information can collaborate from within with forces from outside attacks and Trojan control host.
  7. Computer virus: a computer virus is a kind of procedures can attach itself to the target system’s file. When the virus attacks, system resources will consumption and cause the system to crash or denial of service. It is most dangerous in all destructive devices.   8. Worm program: It is also known as super virus, it is a separate program, can directly attack the flaws in the system, a lot of reproduction and propagation through the network, and make the communication overload, and eventually make the network paralysis.
  2 Security strategies for computer network information
  1) Strengthen the user account security. Including the system login name and email account, online bank accounts and other application account, and obtaining lawful account number and the password is the most commonly used method of hacker attacks network system. First is to set the complex password to login account; second is to try not to set the same or similar account, as a combination of letters and numbers, special symbols way of setting the account number and password, and try to set up a long password and regular replacement.
  2) Install firewall and anti-virus software. Network firewall technology is a kind of technology used to strengthen the network access control, to prevent external network user access to the internal network by illegal means, access to internal cyber source, special network interconnection equipment to protect the internal network operating environment. It inspects certain security policy between two or more network transmission of data packet, to determine whether the communication between networks are allowed, and monitor the running state of network. According to the firewall technology used in different, it can be divided into: packet filter, NAT, proxy and monitoring. The network in the sub transmission technology filtering firewall, by reading the data address information to determine whether the package in the “package” is from a trusted secure site, once found dangerous sites data packets, the firewall will refuse the data.
  NAT firewall takes the inner IP address into a temporary, external, registered IP address. The internal network accesses to the Internet, to hide the true IP address. The external network access to the internal network through the card, it does not know the connection of the internal network, but only through an open IP address and port to request access.
  Proxy firewall or proxy server, located between the client and server, blocking out the exchange of data between the two. When a client needs to use the data on the server, the first data request to the proxy server, the proxy server according to the request for data to the server, and then transmitted to the client. Since there is no direct data channel between the external and internal server, external malicious infringement are difficult to damage to the internal network system.   Monitoring firewall is a new generation of firewall products; the technical definition is beyond the initial firewall. This type of firewall can each layer of data are active, real-time monitoring, through the analysis of these data, to effectively identify the illegal invasion in each layer. At the same time, monitoring firewall generally with distributed detector, the detector placed in the nodes of the application server and other network, can not only detect the attack from outside the network, but also has the very strong preventive role on the internal malicious damage.
  Personal computer uses a software firewall and antivirus software, usually. Antivirus software is that we use most of the security technology, this technology is mainly for the virus, may be killing the virus, intrusion and the current mainstream anti-virus software can also prevent the Trojan horse and other hacker program. But should notice, anti-virus software must promptly upgrade, upgrade to the latest version, can effectively prevent.
  3) To install the patch of bugs. An increasing number of viruses and hackers exploit software vulnerabilities to attack network users, such as attack wave virus known by Microsoft RPC vulnerabilities to spread, Sasser virus is the use of buffer overflow vulnerability exists in Windows LSASS attack. In order to correct these vulnerabilities, software vendors release patches. We should timely installation vulnerability patches; effectively solve the security vulnerabilities resulting from the program.
  4) Intrusion detection and network monitoring technology
  Intrusion detection is a preventive technology developed in recent years, using a combination of statistical techniques, rule method, network communication technology, artificial intelligence, cryptography, reasoning techniques and methods, and its role is to monitoring network and computer system appeared the sign was invaded or abuse. According to the analysis of technology adoption can be divided into signature analysis method and analysis method.
  5) File encryption and digital signature technology
  File encryption and digital signature technology improve the data security and the information system, one of the main technology is that prevent secret data to steal, interception or damage the. According to the different role, the differential file encryption and digital signature technology consists of data transmission, data storage, data integrity.


【相关论文推荐】
  • Research on Computer Network Security and Prevention Strategy
  • Cloud computing and network security research
  • Security of Computer Network and Measures of Defense
  • Analysis and Solutions on Computer Network Security of China's Commercial Banks
  • Computer network security evaluation based on Fuzzy Analytic Hierarchy Process technology
  • Security Threatening Factors and Security Technologies of Network
  • The Study on Network Security Strategy based on Security Evaluation
  • Design and Realization of Security Network Database
  • Advantages of Computer Network Resource Sharing