Papers by Keyword: Network Security

Abstract: Network security risk assessment is an important means of acquiring and mastering the current and future state of network, which is of great significance to maintain the safe operation of the network. This paper presents an improved risk assessment method based on Markov game that has simply changed the past, in which the risk status of the network assets were classified into fixed categories. Depending on the game relationship between fixing vulnerabilities and threat attacking, this method has more detailed characterization of the network risk. Network attacks and vulnerabilities are sorted, which reduces the state space, making the scale of model input greatly reduced, improving the assessment of large-scale network efficiency. Simulation results demonstrate the feasibility and effectiveness of this method.

Abstract: The proposed IPv6 protocol has brought new problems for network security. The new protocol and features were introduced for IPv6 and the new type of attack applicable in the environment of IPv6 was summarized. And then, according to the idea of the attack detection, computers themselves can discover the vulnerabilities and deficiencies of their own systems. Thus the vulnerabilities will be patched up and the security of the system will be improved. We focused our research on designing and realizing the IPv6 network attack platform by designing the overall structure of the platform. Finally, we tested the IPv6 network attack platform. Test results show that the attack effect is remarkable, which plays a role in finding computers’ system vulnerabilities, strengthening security protection and enhancing network security.

Abstract: With the wide application of computer network, network security issues become increasingly prominent. Currently, the most commonly used network security evaluation method is risk assessment method, as well as to test and evaluation system of safety degree by software vulnerability scanning tools and so on. However, network security is related to computer, communication, physics, mathematics, biology, management, social, and many other fields, which is complicated system engineering. As a result, poor operational safety exist in the existing method, thus in this paper, the research of computer complex network reliability evaluation method based on GABP algorithm is put forward.

Abstract: With the development and popularization of computer network, and speed up the pace of government and enterprise informatization, network architecture and existing enterprises more complex. The complex network structure exposed a lot of security problems, personal and corporate demand for network security grows with hitherto unknown speed. How to let the rapid advance of network security to satisfy business, become a hot topic. Network security is the supporting system of daily office and business applications for the modern enterprises. In the enterprise network, only like a personal computer network security protection just install personal version of virus protection program and software firewall is not enough, and should also deploy hardware firewall, network virus protection program and other such as intrusion detection system, network isolation equipment etc.. At the same time, it is necessary to deploy enterprise network disaster tolerance system, because it is all safety protection measures in the last line of defense. This paper mainly describe, safety control program of firewall in enterprise network security is how to design. I hope that this paper can help everyone to design network security protection systems .

Abstract: Network security and identity authentication is confirmed the true identity whether the user and the claimed identity is consistent or not, in order to prevent the illegal user access the system for resources by identity fraud. The one-time password authentication technology with high safety, convenient for using, easy for management and lower cost is applied widely and has bright prospection. The one-time password authentication technology support to add uncertain factors in the login process, so that the login authentication informations are not the same each time. It is useful to improve the security of the login process. In this paper, a new system which is based on the the one-time password authentication technology called biometric system is first introduced. Then the framework of multi-biometric system is presented, and several examples are also shown. The prospect about multi-biometric fusion is also given.

Abstract: Along with the development of the computer technology, communication technology and information security, people are enjoying the convenience of new trade patterns e-commerce bring by open web. At the same time, it also have to face all kinds of security problems in e-commerce. In this paper, it analyzed the network security technology in electronic commerce, put forward the design scheme of network security platform that can effectively ensure the smooth progress of e-commerce activities. The study of the security problems in e-commerce, has special important theory value and practical significance.

Abstract: In order to obtain the effective network intrusion alarm information, and reveal the intention of attackers, an intrusion scenario dynamic correlation algorithm is proposed based on single value causality diagram. According to the composition principle of single value causality diagram, the key factors of the cause and effect diagram are defined. By relating the alarm information of intrusion detection system, attack scenarios are constructed based on cause and effect diagram, and dynamic correction is conduct. Based on the MIT Lincoln laboratory data sets, the correlation test is done using the above attack scenario correlation algorithm. Test results show that the reconstruction of attack scenarios and actual condition have very good consistency, proving that the proposed correlation algorithm can correctly reflect the real hacker intrusion process. The research of this paper provides effective help for the security administrator to implement effective management measures.

Abstract: Ad Hoc network is a special kind of mobile multi-hop wireless networks, which has been widely used various occasions. In this paper, the main characters of Ad Hoc network are presented. Meanwhile, based on the inherent defect and security threats of Ad Hoc network, the corresponding security mechanism and strategy are proposed.

Abstract: Intrusion detection is one of the most important techniques for protecting network security. In addition, intrusion detection model can be used to recognize real-time pattern, which has important practical significance for real-time intrusion detection. However, due to the sheer speed and scale of the data, data points must often be analyzed in real time. The one-pass-through requirement and the lack of efficient clustering algorithms to identify intrusion patterns limit the power and scalability of this approach. A data stream clustering algorithm is proposed for real-time network intrusion detection. By introducing the new hashing mechanism, the method can quickly find the clustering patterns in the data stream. The method significantly reduces the false alarm rate of intrusion detection, and improves the performance of intrusion detection system.

Abstract: At present the awareness model of network security situation can only analysis the network security situation of past or current time. The lack of research on this field will affect the security of network. A method based on Kalman algorithm is proposed in this paper, which can forecast the network security situation by using the current and past security situation values. The simulation results show that the proposed algorithm can not only reflect the overall trend of network security situation but also forecast the trend of value effectively. Compared with the traditional GM(1,1), the method has a more predictive value; Compared with RBF algorithm, the method is more applicable to the real network environment.