作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2010, Vol. 36 ›› Issue (13): 140-142. doi: 10.3969/j.issn.1000-3428.2010.13.049

• 安全技术 • 上一篇    下一篇

基于PKI的网络边界安全监控方法

邹 翔,刘 浩,王 福   

  1. (公安部第三研究所信息网络安全公安部重点实验室国家反计算机入侵与防病毒研究中心,上海 200031)
  • 出版日期:2010-07-05 发布日期:2010-07-05
  • 作者简介:邹 翔(1977-),男,副研究员、博士,主研方向:信息网络安全;刘 浩,助理研究员、硕士;王 福,副研究员、博士
  • 基金资助:
    国家“863”计划基金资助项目(2006AA01Z450, 2008AA01Z412)

Network Border Security Monitor Method Based on PKI

ZOU Xiang, LIU Hao, WANG Fu   

  1. (National Research Center for Anti-Computer Invasion and Virus Prevention, Key Laboratory for Information and Network Security of Ministry of Public Security, the Third Research Institute of Ministry of Public Security, Shanghai 200031)
  • Online:2010-07-05 Published:2010-07-05

摘要: 针对网络边界安全防御的需求和特点,提出一种基于PKI技术的网络边界安全监控方法。该方法结合基于PKI的身份认证机制、入侵检测技术与VPN技术,通过对网络流量和系统日志的关联分析,能够在实时发现入侵行为的同时,准确定位入侵来源并实时阻断攻击,相比通用的特征检测和异常检测方法具有更强的准确性和可用性。

关键词: 网络边界, 安全监控, 入侵检测, 公钥基础设施

Abstract: This paper proposes a network border security monitor method based on Public Key Infrastructure(PKI) according to the requirement and characteristic of network border security protection. The technique combines identity authentication mechanism based on PKI, intrusion detection technology and VPN technology. It can accurately locate the origin of intrusion and prevent attacks soon after real-time detection of intrusion behaviors via association analysis of network traffic and system log. As a result, it has higher accuracy and usability than general signature detection and abnormal detection technique.

Key words: network border, security monitor\ intrusion detection, Public Key Infrastructure(PKI)

中图分类号: