Webjoin的主动防御模块的设计与实现

发布时间：2018-04-05 07:27

本文选题：主动防御　切入点：Webjoin安全配置　出处：《北京邮电大学》2014年硕士论文

【摘要】：随着信息时代的快速发展,Web技术突飞猛进,网络技术朝着多样化方向发展,但是随之而来的Web安全问题也日益多样化,给我们的信息网络带来极大的破坏。一方面,这些Web安全问题迫使网络应用的设计者提高安全防范意识,加强应用程序的健壮性；另一方面,针对安全问题的扫描评估软件工具成为了各大网站不可或缺的漏洞检测手段。然而这些还不足以应付无孔不入的网络入侵,而主动防御技术因其防御的高时效性和低误判率赢得了国内外安全研究者的青睐,正逐步成长并兴起而来。 Webjoin server主要目标是整合开源Web服务器,提供统一的操作维护界面、增强的异常检测和异常处理的能力,同时又保证Web应用开发兼容性,进一步提升Web相关产品的可靠性和可维护性。本文研究并实现了Webjoin的主动安全防御模块。基于对Webjoin服务器的安全性能需求和实现的可行性研究分析,本论文提出并设计实现了基于主动防御思想的安全防御模块,这个模块主要实现了三个方面的安全防御工作：基于Webjoin服务器自身的防漏洞安全配置；重要页面及文件的防篡改；网络入侵行为的检测。论文在三个功能子模块的设计和实现中体现了针对性和创新性,对每个子模块都进行了详细的设计和功能实现,并对相关技术进行了深入研究与实现。在论文的最后,对安全防御模块整体进行了功能及性能测试。
[Abstract]:With the rapid development of web technology in the information age, the network technology is developing in the direction of diversification. However, the security problems of Web are becoming more and more diversified, which brings great damage to our information network.On the one hand, these Web security problems force network application designers to enhance security awareness and enhance application robustness; on the other hand,The scanning and evaluation software tool for security problems has become an indispensable vulnerability detection tool for various websites.However, these are not enough to deal with the all-pervasive network intrusion, and the active defense technology has won the favor of domestic and foreign security researchers because of its high timeliness and low misjudgment rate, and is gradually growing up and rising.The main goal of Webjoin server is to integrate open source Web server, provide unified operation and maintenance interface, enhance the ability of exception detection and exception handling, and at the same time ensure the compatibility of Web application development.Further improve the reliability and maintainability of Web related products.The active security defense module of Webjoin is studied and implemented in this paper.Based on the analysis of the security performance requirements and the feasibility of the implementation of Webjoin server, this paper proposes and designs a security defense module based on active defense.This module mainly implements three aspects of security defense work: security configuration of vulnerability protection based on Webjoin server; anti-tampering of important pages and files; detection of network intrusion behavior.In the design and implementation of three functional sub-modules, the thesis embodies the pertinence and innovation, and carries on the detailed design and the function realization to each sub-module, and carries on the thorough research and the realization to the related technology.At the end of the thesis, the function and performance of the security defense module are tested.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】