校园网安全体系的设计与实现

发布时间：2018-06-19 05:49

本文选题：校园网 + 网络安全　；参考：《兰州理工大学》2017年硕士论文

【摘要】：随着计算机技术、网络技术的飞速发展,为各个行业带来了巨大变化,这其中就包括高校中网络信息化的运用,丰富的网络资源、应用服务为师生提供了良好的工作、学习和生活环境,有力推动了高校的教育教学、日常管理等方面的改革和发展。如何设计并建立一个安全、可靠、高校的网络,减少计算机病毒的侵害、黑客的攻击、数据的篡改等方面的网络安全隐患,是各高校当前及今后急需解决的。论文首先通过国内外网络安全现状,分析了当前高校校园网普遍面临的安全威胁及其来源,指出了构建安全的校园计算机网络需要解决的关键问题;其次介绍了校园网常用的网络安全关键技术,并以网络安全模型为指导,分析了校园网安全管理的对象和基本功能,构建了更为安全的P-WPDRRC安全模型,通过对模型各模块的研究,综合利用防火墙技术、入侵检测技术、防病毒技术、安全扫描技术、密码技术等各种网络安全技术,分别从物理安全、链路安全、网络安全、系统安全、应用安全和管理安全六个方面进行安全体系的设计与实现,对具体的实现方法进行了分析,重点讨论了利用防火墙和入侵检测技术综合实现安全防范的技术实现以及入侵检测技术在安全体系中的应用。最后,通过搭建仿真模拟环境进行测试,证实了课题研究的校园安全体系具有防御攻击、检测病毒的能力,对网络安全防护作用明显。本文创新点如下:(1)经过对传统网络安全模型的研究,建立了一个针对校园网安全的P-WPDRRC动态安全模型,并以安全策略为核心,充分利用防火墙技术、入侵检测技术、身份认证技术、加密技术和数据恢复技术等,为整个校园网提供安全保护。(2)通过对入侵检测技术和模型的研究,提出了基于移动Agent的入侵检测模型,该模型将大大减少系统的通信负载,并且能够检测到新的或未知形式的攻击。(3)在研究主动防御技术的基础上,利用改进的BP神经网络算法,缩短了入侵检测的时间,提高了检测能力和收敛速度,实验证明该算法能够达到预期的效果。
[Abstract]:With the rapid development of computer technology and network technology, great changes have been brought to various industries, including the use of network information in colleges and universities, rich network resources, application services to provide good work for teachers and students. Learning and living environment have promoted the reform and development of education and teaching and daily management in colleges and universities. How to design and build a safe, reliable, university network, reduce the computer virus invasion, hacker attack, data tampering and other aspects of network security hidden danger, is the current and future colleges and universities urgently need to solve. Firstly, through the current situation of network security at home and abroad, this paper analyzes the security threats and sources of the current campus network, and points out the key problems to be solved in constructing a secure campus computer network. Secondly, this paper introduces the key technologies of network security commonly used in campus network, and analyzes the objects and basic functions of campus network security management under the guidance of network security model, and constructs a more secure P-WPDRRC security model. Comprehensive use of firewall technology, intrusion detection technology, anti-virus technology, security scanning technology, cryptography technology and other network security technologies, respectively from physical security, link security, network security, system security, The security system is designed and implemented in six aspects of application security and management security, and the specific implementation methods are analyzed. This paper focuses on the implementation of integrated security prevention using firewall and intrusion detection technology and the application of intrusion detection technology in security system. Finally, by setting up a simulation environment for testing, it is proved that the campus security system studied in this paper has the ability to defend against attacks and detect viruses, which has obvious protective effect on network security. The innovation of this paper is as follows: (1) based on the research of the traditional network security model, a dynamic security model of P-WPDRRC for campus network security is established, which takes security policy as the core, makes full use of firewall technology and intrusion detection technology. Identity authentication technology, encryption technology and data recovery technology, provide security protection for the whole campus network. Through the research of intrusion detection technology and model, this paper puts forward an intrusion detection model based on mobile Agent. This model will greatly reduce the communication load of the system, and can detect new or unknown forms of attack. Based on the research of active defense technology, the improved BP neural network algorithm is used to shorten the time of intrusion detection. The detection ability and convergence speed are improved, and the experimental results show that the proposed algorithm can achieve the desired results.
【学位授予单位】：兰州理工大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP393.08;TP393.18

【参考文献】