[1]李健,陈为. 基于异构条件的NIDS网络安全技术研究[J].计算机技术与发展,2017,27(09):106-109.
 LI Jian,CHEN Wei.Investigation on Network Security Technology of NIDS Based on Heterogeneous Conditions[J].,2017,27(09):106-109.
点击复制

 基于异构条件的NIDS网络安全技术研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
27
期数:
2017年09期
页码:
106-109
栏目:
安全与防范
出版日期:
2017-09-10

文章信息/Info

Title:
Investigation on Network Security Technology of NIDS Based on Heterogeneous Conditions
文章编号:
1673-629X(2017)09-0106-04
作者:
 李健陈为
 中国食品药品检定研究院信息中心
Author(s):
 LI JianCHEN Wei
关键词:
 异构条件网络入侵检测系统可信网络安全网格空间加密算法
Keywords:
 heterogeneous conditionsNIDStrusted network securitycyber encryption algorithm
分类号:
TP309
文献标志码:
A
摘要:
 异构条件下构建工业可信安全环境,需要对网络入侵检测系统(NIDS)进行全方位研究.在异构条件下构建信息行业可信安全环境的研究主要从网络的结构安全、通讯网络、区域边界和安全区域四个方面展开.为此,从抗网络攻击的需求出发,在分析六种工业信息安全技术并详细研究可信网络关于药品领域工业总线入侵检测系统的基础上,针对数据采集与监视控制(SCADA)系统信息安全,提出了一种基于嵌入式麒麟Linux操作系统的防护模型.该模型综合使用网络通信、防火墙iptables、入侵检测Ssnort以及加密算法等技术,设计并实现了一套服务于分布式控制系统(DCS)工业设备的安全防御平台.基于Matlab软件的Simulink进行了数据安全传输机制的设计和仿真验证,NIDS顺利通过了试验测试.实验结果表明,所提出的模型有效可行,所构建平台采用的技术具有较高的有效性和可靠性.
Abstract:
 To build an industrial trusted security environment under heterogeneous conditions,it is necessary to study the Network Intru-sion Detection System ( NIDS) of all dimensions. The investigations on information industry credible security conditions in heterogeneous environments are composed of four respects,including structural safety,communication network,area boundary and security zone. In view of requirements on network anti-attack,on the basis of analyzing six kinds of industrial information security techniques and investigation on the trusted network intrusion detection system in medicine field,a protection model,running on embedded-Qilin Linux operating sys-tem,is proposed for the information security of SCADA. It adopts a lot of technologies like network communication and firewall,intrusion detection and encryption algorithms. A set of security defense platform for the Distributed Control System ( DCS) industrial equipment is implemented. The design of data security transmission mechanism and its simulations for verification have been conducted with Simulink in Matlab,through which NIDS goes for qualification. The results of simulation show that it is effective and feasible and that the tech-niques adopted in the established platform owns high validity and reliability.

相似文献/References:

[1]张志宏,吴庆波,邵立松,等.基于飞腾平台TOE协议栈的设计与实现[J].计算机技术与发展,2014,24(07):1.
 ZHANG Zhi-hong,WU Qing-bo,SHAO Li-song,et al. Design and Implementation of TCP/IP Offload Engine Protocol Stack Based on FT Platform[J].,2014,24(09):1.
[2]梁文快,李毅. 改进的基因表达算法对航班优化排序问题研究[J].计算机技术与发展,2014,24(07):5.
 LIANG Wen-kuai,LI Yi. Research on Optimization of Flight Scheduling Problem Based on Improved Gene Expression Algorithm[J].,2014,24(09):5.
[3]黄静,王枫,谢志新,等. EAST文档管理系统的设计与实现[J].计算机技术与发展,2014,24(07):13.
 HUANG Jing,WANG Feng,XIE Zhi-xin,et al. Design and Implementation of EAST Document Management System[J].,2014,24(09):13.
[4]侯善江[],张代远[][][]. 基于样条权函数神经网络P2P流量识别方法[J].计算机技术与发展,2014,24(07):21.
 HOU Shan-jiang[],ZHANG Dai-yuan[][][]. P2P Traffic Identification Based on Spline Weight Function Neural Network[J].,2014,24(09):21.
[5]李璨,耿国华,李康,等. 一种基于三维模型的文物碎片线图生成方法[J].计算机技术与发展,2014,24(07):25.
 LI Can,GENG Guo-hua,LI Kang,et al. A Method of Obtaining Cultural Debris’ s Line Chart Based on Three-dimensional Model[J].,2014,24(09):25.
[6]翁鹤,皮德常. 混沌RBF神经网络异常检测算法[J].计算机技术与发展,2014,24(07):29.
 WENG He,PI De-chang. Chaotic RBF Neural Network Anomaly Detection Algorithm[J].,2014,24(09):29.
[7]刘茜[],荆晓远[],李文倩[],等. 基于流形学习的正交稀疏保留投影[J].计算机技术与发展,2014,24(07):34.
 LIU Qian[],JING Xiao-yuan[,LI Wen-qian[],et al. Orthogonal Sparsity Preserving Projections Based on Manifold Learning[J].,2014,24(09):34.
[8]尚福华,李想,巩淼. 基于模糊框架-产生式知识表示及推理研究[J].计算机技术与发展,2014,24(07):38.
 SHANG Fu-hua,LI Xiang,GONG Miao. Research on Knowledge Representation and Inference Based on Fuzzy Framework-production[J].,2014,24(09):38.
[9]叶偲,李良福,肖樟树. 一种去除运动目标重影的图像镶嵌方法研究[J].计算机技术与发展,2014,24(07):43.
 YE Si,LI Liang-fu,XIAO Zhang-shu. Research of an Image Mosaic Method for Removing Ghost of Moving Targets[J].,2014,24(09):43.
[10]余松平[][],蔡志平[],吴建进[],等. GSM-R信令监测选择录音系统设计与实现[J].计算机技术与发展,2014,24(07):47.
 YU Song-ping[][],CAI Zhi-ping[] WU Jian-jin[],GU Feng-zhi[]. Design and Implementation of an Optional Voice Recording System Based on GSM-R Signaling Monitoring[J].,2014,24(09):47.

更新日期/Last Update: 2017-10-20