Network Security Detecting And Monitoring System Based On Campus Network

With the rapid developments in network technology and computer technology, the in-depth relevant applications have brought about the increasingly complicated issues of security, which are growing more outstanding. At present, the research in computer security falls behind the technology of computer system and its applications. Meanwhile, the studies in network security are far from maturity. As part of network security, the techniques of network security detecting and monitoring are a vital system for the purpose of security. As a result, the techniques of network security detecting and monitoring have become a major topic in network security.The paper carries a general survey of current research in IDS and some analysis on the weaknesses of some current IDS systems. The overall studies of worms including the definitions, functions, mechanism, and their scanning strategies and spreading models are approached along with considerable analyses involving campus networking risks, vulnerabilities, current security means, security infrastructure. Based upon the CNISMS (Campus Network Information Security and Management System) with Sichuan International Studies University, we have designed and partly realized NSDMS (Network Security Detecting and Monitoring System).The approach of Target Tree is a common method based on available information. The paper focuses on the application of Target Tree in combating the large-scale distributed attacks, which may effectively detect multiple-step complex and combined attacks. The author makes a system analysis and a general design, offering the technical details over all different components. In order to improve the current IDS accuracy, the author introduces an intelligent module against attacks into NSDMS, which can implement data association and Data Fusion according to attack context. The module of data association can analyze the relationships between multiple detectors and multiple attacks, and then present a scenario, while all the information will be integrated according to the information from the module of Data Fusion. By this new method, we can re-determine those attacks, which are likely to be misjudged, and can detect potential attacks. As it is, a large amount of information is recorded in the log of IDS, which can facilitate the intelligent in-the-event judgment. The paper statistically makes an after-event analysis of the log library of IDS. For this reason, the paper is a significant reference for administrators to find out vulnerabilities and improve theoverall security.At last, the paper provides a tentative realization of Network Security Detection and Monitoring System.