Research And Design Of Illegal Extra-Connection Monitoring In The E-Government System

The e-government system has become the device which makes the governmental work being informationized, internetized and opened. Once the e-government system is intruded, enormous loss may incur. However, complex structure of network, high requirements of confidentiality, great value of information and high concern of society make the security issues of the e-government system become increasingly prominent, security analysis and research on the e-government system are particularly important. Illegal extra-connection is the typical security issue of the e-government system, which may lead to the invasion of virus or trojan and thus cause information leakage or other security issues.We can use the monitoring system to monitor the illegal extra-connection. Until now, there are two common methods for monitoring the illegal extra-connection:dual-machine mode and C/S mode. However, the two methods can’t fully meet the demand of the e-government system. We need to design a more suitable method to monitor the illegal extra-connection in the e-government system.The paper first describes the common security issues of the e-government system, and then details the way, damage and common methods of monitoring of the illegal extra-connection. Bases on the analysis of advantages and disadvantages of dual-machine mode and C/S mode, makes use of the technology of IP address forgery, route table, routing spoofing and host detection, and combines with the characteristics of the host of illegal extra-connection, the paper designs and implements an improved system for monitoring the illegal extra-connection in the e-government system.This method makes a combination of the traditional dual-machine mode and C/S mode, and adds the client in the dual-machine mode. The method also changes the detecting from the external to the internal, and the client doesn’t occupy system resounces until the host is in the state of illegal extra-connection. The client will start to confirm and cut off the illegal connection. The paper gives the architecture design and system partition of the improved method, and describes the implementation of some key modules.At last, the paper performs the function test and performance test on the improved method, gives the test results and analyses the results. It proves that the improved method can make up for the disadvantages of the dual-machine mode and C/S mode, and it is more suitable for the e-government system.