CN111049853A - Security authentication system based on computer network - Google Patents


Publication number
CN111049853A
Authority
CN
China
Prior art keywords
network
module
data
authentication system
control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911354579.0A
Other languages
Chinese (zh)
Inventor
张海飞
吴芳
钱兰美
雷丽婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nantong Institute of Technology
Original Assignee
Nantong Institute of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nantong Institute of Technology
Priority to CN201911354579.0A
Publication of CN111049853A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0236 Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of computer networks and discloses a security authentication system based on a computer network. The system comprises a security system, an authentication system and a database, with the security system and the authentication system both communicatively connected to the database. The security system comprises a data packet capturing module, a data analysis module and an alarm processing module; the data packet capturing module collects and analyzes data packets from the whole network to judge whether they represent abnormal behavior. The security system collects the various data packets in the computer, and the state and behavior information about system, network, data and user activity gathered by the data analysis module is sent to a detection engine for analysis and comparison. When a data anomaly is detected, the alarm processing module reconfigures a router or firewall, terminates a process, cuts off a connection, changes file attributes and raises an alarm, thereby protecting the security of personal information.

Description

Security authentication system based on computer network
Technical Field
The invention relates to the technical field of computer networks, in particular to a security authentication system based on a computer network.
Background
With the rapid development of computer networks, the era of big data has arrived. Big data is now widely applied in production and daily life and provides strong technical support for the growth of many industries. While it brings convenient and efficient network services, big data also poses potential threats to network systems, which has prompted broad discussion of computer network security. Analyzing the potential threats to computer network security and devising precautions against them is therefore urgent.
Big data is applied across many industries, and its use runs into many practical network security problems: data theft and website attacks occur constantly, and the situation is not encouraging. In addition, human factors introduce many system vulnerabilities while programs are in use. These defects and vulnerabilities are highly destructive, and criminals often exploit them to steal user information, causing larger security problems. A security authentication system based on a computer network is therefore proposed.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a security authentication system based on a computer network.
The invention provides the following technical solution: a security authentication system based on a computer network comprises a security system, an authentication system and a database, wherein the security system and the authentication system are both communicatively connected to the database;
the security system comprises a data packet capturing module, a data analysis module and an alarm processing module;
the data packet capturing module collects and analyzes data packets from the whole network to judge whether they represent abnormal behavior; the IDS uses raw network packets as its information source and uses a network card working in promiscuous mode to monitor and analyze, in real time, all traffic transmitted over the shared network;
the data analysis module comprises a pattern matching module, a statistical analysis unit and an integrity analysis unit, wherein the pattern matching module compares the collected information against a database of known network intrusion and system misuse patterns; the statistical analysis unit creates a statistical table for each system object and records a number of measurement attributes during normal use, the average values of which are compared with the observed behavior of the network and the system; and the integrity analysis unit checks whether the content and attributes of a given file or directory have changed;
the alarm processing module records the analysis result in a log file, generates a corresponding report and triggers an alarm;
the authentication system comprises a system management module, a grouping module, an auditing control module and a bandwidth management module, wherein the system management module automatically discovers the IP addresses and machine names in the local area network; the grouping module groups machines and applies different control policies according to working requirements; the auditing control module audits and controls network users by MAC address and by account and password; and the bandwidth management module sets Internet-access bandwidth per user, per user group or per application category, so that high-priority personnel or applications get bandwidth first when the network is congested.
Preferably, a network adapter is provided in the data packet capturing module and is used to monitor and analyze, in real time, all communication transmitted over the network.
Preferably, after triggering an alarm, the alarm processing module sends a page or email to the system administrator and modifies the intrusion detection system or the target system, for example by terminating a process, cutting off the attacker's network connection or changing the firewall configuration.
Preferably, the data packet capturing module mainly captures host operating-system-layer data, network data, application data and data sent by the target machine.
Preferably, the database is internally divided into two parts: one is used by the security system to store the detected abnormal data, and the other is used by the authentication system for the IP addresses and machine names collected in the local area network.
Preferably, the authentication system further comprises an encryption module, which encrypts the information transmitted in the network to protect its security.
Preferably, the grouping module is divided into an IP control unit, a MAC control unit, an account control unit and a hybrid control unit: the IP control unit controls network access by machine IP address, the MAC control unit by machine MAC address, the account control unit by Internet-access account, and the hybrid control unit by IP control and account control together.
Compared with the prior art, the invention has the following beneficial effects:
the security authentication system based on a computer network collects the various data packets in the computer through the security system, and the state and behavior information about system, network, data and user activity gathered by the data analysis module is sent to a detection engine for analysis and comparison; when a data anomaly is detected, the alarm processing module reconfigures a router or firewall, terminates a process, cuts off a connection, changes file attributes and raises an alarm, thereby protecting the security of personal information;
the system management module in the authentication system automatically discovers the IP addresses and machine names in the local area network, and system administrators can also manually maintain and manage the discovered machine information, which protects users' information security. The grouping module groups machines and applies different control policies according to working requirements, so that Internet access from users' machines in the local area network can be controlled flexibly. The network is controlled through the four auditing modes in the auditing control module, which reduces the openings through which personal information can be exposed. Finally, the encryption module encrypts the transmitted information to protect its security, further improving the security authentication capability of the network.
Drawings
FIG. 1 is a schematic structural view of the present invention;
FIG. 2 is a schematic diagram of a data analysis module according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be described below clearly and completely with reference to the accompanying drawings of the embodiments of the present disclosure. It is to be understood that the described embodiments are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the disclosure without any inventive step, are within the scope of protection of the disclosure.
To maintain the following description of the embodiments of the present disclosure clear and concise, detailed descriptions of known functions and known components are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
Referring to FIGS. 1-2, a security authentication system based on a computer network includes a security system, an authentication system and a database, wherein the security system and the authentication system are both communicatively connected to the database.
The security system comprises a data packet capturing module, a data analysis module and an alarm processing module.
The data packet capturing module collects and analyzes data packets from the whole network to judge whether they represent abnormal behavior. The IDS uses raw network packets as its information source and uses a network card working in promiscuous mode to monitor and analyze, in real time, all traffic transmitted over the shared network.
The data analysis module comprises a pattern matching module, a statistical analysis unit and an integrity analysis unit. The pattern matching module compares the collected information against a database of known network intrusion and system misuse patterns. The statistical analysis unit creates a statistical table for each system object and records a number of measurement attributes during normal use; the average values of these attributes are compared with the observed behavior of the network and the system. The integrity analysis unit checks whether the content and attributes of a given file or directory have changed.
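The three analyses of the data analysis module can be sketched as follows. This is an added example, not code from the patent: the signature entries, attribute names, sample values and the k-sigma threshold are assumptions, and the monitored directory is constructed in a temporary folder.

```python
import hashlib
import os
import stat
import statistics
import tempfile

# Constructed misuse-pattern database (illustrative signatures, not from the patent).
SIGNATURES = {
    "path-traversal": b"../../",
    "sql-tautology": b"' OR '1'='1",
}


def pattern_match(payload: bytes) -> list:
    """Pattern matching: names of known misuse patterns present in the payload."""
    return sorted(name for name, sig in SIGNATURES.items() if sig in payload)


def build_table(normal_samples: dict) -> dict:
    """Statistical table: attribute -> (mean, population stdev) over normal use."""
    return {attr: (statistics.mean(vals), statistics.pstdev(vals))
            for attr, vals in normal_samples.items()}


def statistical_anomalies(table: dict, observed: dict, k: float = 3.0) -> list:
    """Attributes whose observed value lies more than k stdevs from the mean.

    The k-sigma tolerance is an assumption; the patent only states that the
    average is compared with observed behaviour.
    """
    flagged = []
    for attr, value in observed.items():
        mean, sd = table[attr]
        if abs(value - mean) > k * max(sd, 1e-9):  # floor avoids a zero tolerance
            flagged.append(attr)
    return sorted(flagged)


def snapshot(root: str) -> dict:
    """Integrity baseline: relative path -> (SHA-256 of content, permission bits)."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            mode = stat.S_IMODE(os.stat(path).st_mode)
            snap[os.path.relpath(path, root)] = (digest, mode)
    return snap


def integrity_changes(before: dict, after: dict) -> dict:
    """Classify each path as added, removed, content-changed or attribute-changed."""
    changes = {}
    for path in sorted(before.keys() | after.keys()):
        old, new = before.get(path), after.get(path)
        if old is None:
            changes[path] = "added"
        elif new is None:
            changes[path] = "removed"
        elif old[0] != new[0]:
            changes[path] = "content"
        elif old[1] != new[1]:
            changes[path] = "attributes"
    return changes


def demo_integrity() -> dict:
    """Build a constructed directory, alter it, and report what changed."""
    with tempfile.TemporaryDirectory() as root:
        for name, text in (("a.conf", "port=22\n"), ("b.txt", "notes\n")):
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write(text)
            os.chmod(path, 0o644)
        before = snapshot(root)
        with open(os.path.join(root, "a.conf"), "w") as fh:
            fh.write("port=2222\n")                    # content change
        os.chmod(os.path.join(root, "b.txt"), 0o600)   # attribute change only
        with open(os.path.join(root, "c.txt"), "w") as fh:
            fh.write("new\n")                          # new file in the directory
        return integrity_changes(before, snapshot(root))


if __name__ == "__main__":
    table = build_table({"logins_per_hour": [4, 5, 6, 5, 5],
                         "bytes_out_kb": [100, 120, 110, 90, 105]})
    print(pattern_match(b"GET /download?f=../../etc/passwd"))
    print(statistical_anomalies(table, {"logins_per_hour": 5, "bytes_out_kb": 900}))
    print(demo_integrity())
```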
The alarm processing module records the analysis result in a log file, generates a corresponding report and triggers an alarm.
The authentication system comprises a system management module, a grouping module, an auditing control module and a bandwidth management module. The system management module automatically discovers the IP addresses and machine names in the local area network. The grouping module groups machines and applies different control policies according to working requirements. The auditing control module audits and controls network users by MAC address and by account and password. The bandwidth management module sets Internet-access bandwidth per user, per user group or per application category, so that high-priority personnel or applications get bandwidth first when the network is congested.
In an alternative embodiment, a network adapter is provided in the data packet capturing module for real-time monitoring and analysis of all communication transmitted over the network.
In an alternative embodiment, after triggering an alarm, the alarm processing module sends a page or email to the system administrator and modifies the intrusion detection system or the target system, for example by terminating a process, cutting off the attacker's network connection or changing the firewall configuration.
In an alternative embodiment, the data packet capturing module mainly captures host operating-system-layer data, network data, application data and data sent by the target machine.
In an alternative embodiment, the database is internally divided into two parts: one is used by the security system to store the detected abnormal data, and the other is used by the authentication system for the IP addresses and machine names collected in the local area network.
In an optional embodiment, the authentication system further comprises an encryption module, which encrypts the information transmitted in the network to protect its security.
In an optional embodiment, the grouping module is divided into an IP control unit, a MAC control unit, an account control unit and a hybrid control unit, where the IP control unit controls network access by machine IP address, the MAC control unit by machine MAC address, the account control unit by Internet-access account, and the hybrid control unit by IP control and account control together.
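An added example, not part of the patent, of how the four control units and the congestion rule of the bandwidth management module could be evaluated. The group names, addresses, priorities and bandwidth figures are constructed; accounts are assumed to have already passed the password check, and default deny for unmatched machines is an assumption.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class Mode(Enum):
    IP = "ip"            # IP control unit
    MAC = "mac"          # MAC control unit
    ACCOUNT = "account"  # account control unit
    HYBRID = "hybrid"    # IP control and account control together


@dataclass
class Group:
    name: str
    mode: Mode
    priority: int        # lower number = higher priority (assumed convention)
    cap_kbps: int        # bandwidth configured for the group
    ips: set = field(default_factory=set)
    macs: set = field(default_factory=set)
    accounts: set = field(default_factory=set)


def _mac(value: str) -> str:
    """Normalise MAC notation so 00-11-.. and 00:11:.. compare equal."""
    return value.strip().lower().replace("-", ":")


def admits(group: Group, ip: str, mac: str, account: Optional[str]) -> bool:
    """Apply the group's control mode to one connection attempt."""
    ip_ok = ip in group.ips
    mac_ok = _mac(mac) in {_mac(m) for m in group.macs}
    acct_ok = account is not None and account in group.accounts
    return {
        Mode.IP: ip_ok,
        Mode.MAC: mac_ok,
        Mode.ACCOUNT: acct_ok,
        Mode.HYBRID: ip_ok and acct_ok,
    }[group.mode]


def classify(groups: list, ip: str, mac: str,
             account: Optional[str] = None) -> Optional[Group]:
    """First matching group wins; None means no access (default deny)."""
    for group in groups:
        if admits(group, ip, mac, account):
            return group
    return None


def allocate(link_kbps: int, demands: dict, groups: list) -> dict:
    """Under congestion, serve groups in priority order up to their cap."""
    by_name = {g.name: g for g in groups}
    remaining = link_kbps
    grants = {}
    for name in sorted(demands, key=lambda n: by_name[n].priority):
        grant = min(demands[name], by_name[name].cap_kbps, remaining)
        grants[name] = grant
        remaining -= grant
    return grants


# Constructed policy: one group per control mode.
GROUPS = [
    Group("finance", Mode.HYBRID, 0, 8000, ips={"10.0.1.10"}, accounts={"alice"}),
    Group("servers", Mode.MAC, 1, 6000, macs={"00:11:22:33:44:55"}),
    Group("staff", Mode.ACCOUNT, 2, 4000, accounts={"bob"}),
    Group("kiosk", Mode.IP, 3, 1000, ips={"10.0.9.5"}),
]

if __name__ == "__main__":
    hit = classify(GROUPS, "10.0.1.10", "aa:bb:cc:dd:ee:ff", "alice")
    print(hit.name if hit else "deny")
    print(allocate(10000, {"staff": 4000, "finance": 7000, "kiosk": 1000}, GROUPS))
```

IP and MAC addresses are values the client presents, so only the account and hybrid modes tie a decision to a credential.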
The above embodiments are only exemplary embodiments of the present invention, and are not intended to limit the present invention, and the scope of the present invention is defined by the claims. Various modifications and substitutions may be made by those skilled in the art within the spirit and scope of the invention, and such modifications and substitutions should also be considered to be within the scope of the invention.

Claims (7)

1. A security authentication system based on a computer network, characterized in that: the system comprises a security system, an authentication system and a database, wherein the security system and the authentication system are both communicatively connected to the database;
the security system comprises a data packet capturing module, a data analysis module and an alarm processing module;
the data packet capturing module collects and analyzes data packets from the whole network to judge whether they represent abnormal behavior; the IDS uses raw network packets as its information source and uses a network card working in promiscuous mode to monitor and analyze, in real time, all traffic transmitted over the shared network;
the data analysis module comprises a pattern matching module, a statistical analysis unit and an integrity analysis unit, wherein the pattern matching module compares the collected information against a database of known network intrusion and system misuse patterns; the statistical analysis unit creates a statistical table for each system object and records a number of measurement attributes during normal use, the average values of which are compared with the observed behavior of the network and the system; and the integrity analysis unit checks whether the content and attributes of a given file or directory have changed;
the alarm processing module records the analysis result in a log file, generates a corresponding report and triggers an alarm;
the authentication system comprises a system management module, a grouping module, an auditing control module and a bandwidth management module, wherein the system management module automatically discovers the IP addresses and machine names in the local area network; the grouping module groups machines and applies different control policies according to working requirements; the auditing control module audits and controls network users by MAC address and by account and password; and the bandwidth management module sets Internet-access bandwidth per user, per user group or per application category, so that high-priority personnel or applications get bandwidth first when the network is congested.
2. The computer network-based security authentication system of claim 1, wherein: a network adapter is provided in the data packet capturing module and is used to monitor and analyze, in real time, all communication transmitted over the network.
3. The computer network-based security authentication system of claim 1, wherein: after triggering an alarm, the alarm processing module sends a page or email to the system administrator and modifies the intrusion detection system or the target system, for example by terminating a process, cutting off the attacker's network connection or changing the firewall configuration.
4. The computer network-based security authentication system of claim 1, wherein: the data packet capturing module mainly captures host operating-system-layer data, network data, application data and data sent by the target machine.
5. The computer network-based security authentication system of claim 1, wherein: the database is internally divided into two parts, one used by the security system to store the detected abnormal data, and the other used by the authentication system for the IP addresses and machine names collected in the local area network.
6. The computer network-based security authentication system of claim 1, wherein: the authentication system further comprises an encryption module, which encrypts the information transmitted in the network to protect its security.
7. The computer network-based security authentication system of claim 1, wherein: the grouping module is divided into an IP control unit, a MAC control unit, an account control unit and a hybrid control unit, wherein the IP control unit controls network access by machine IP address, the MAC control unit by machine MAC address, the account control unit by Internet-access account, and the hybrid control unit by IP control and account control together.
CN201911354579.0A 2019-12-24 2019-12-24 Security authentication system based on computer network Pending CN111049853A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911354579.0A CN111049853A (en) 2019-12-24 2019-12-24 Security authentication system based on computer network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911354579.0A CN111049853A (en) 2019-12-24 2019-12-24 Security authentication system based on computer network

Publications (1)

Publication Number Publication Date
CN111049853A true CN111049853A (en) 2020-04-21

Family

ID=70239834

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911354579.0A Pending CN111049853A (en) 2019-12-24 2019-12-24 Security authentication system based on computer network

Country Status (1)

Country Link
CN (1) CN111049853A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6513122B1 (en) * 2001-06-29 2003-01-28 Networks Associates Technology, Inc. Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities
CN103001891A (en) * 2012-11-16 2013-03-27 杭州顺网科技股份有限公司 Method for promoting integral service quality of local area network
CN103281213A (en) * 2013-04-18 2013-09-04 西安交通大学 Method for extracting, analyzing and searching network flow and content
CN104796261A (en) * 2015-04-16 2015-07-22 长安大学 Secure access control system and method for network terminal nodes
CN107872456A (en) * 2017-11-09 2018-04-03 深圳市利谱信息技术有限公司 Network intrusion prevention method, apparatus, system and computer-readable recording medium
CN108600166A (en) * 2018-03-16 2018-09-28 济宁医学院 A kind of network security detection method and system
CN108833425A (en) * 2018-06-26 2018-11-16 九江职业技术学院 A kind of network safety system and method based on big data

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111711640A (en) * 2020-06-30 2020-09-25 郑州工业应用技术学院 Safe computer network communication system
CN111818048A (en) * 2020-07-08 2020-10-23 珠海市鸿瑞信息技术股份有限公司 Safety protection authentication system and method based on distribution network automation
CN111818048B (en) * 2020-07-08 2022-05-27 珠海市鸿瑞信息技术股份有限公司 Safety protection authentication system and method based on distribution network automation

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200421