| At present, there are some problems in the construction of an information network, such as relatively weak information security protection, problems in the confidentiality management of confidential information, and reliance on a single prevention method. To address these problems, strengthen the network security defense of a unit, and optimize information security monitoring, this paper designs and implements an information security monitoring system. Based on the actual requirements of a unit's information security monitoring work, the system builds its data collection on the SNMP protocol and uses a variety of security monitoring technologies, such as network monitoring and access control, to provide function modules for identity verification, network monitoring, equipment, access control, automatic network data acquisition, etc. To improve the security and confidentiality of the system, facial recognition technology is adopted to authenticate and identify the network access users of a certain unit. The WinPcap development package is adopted to capture and filter data packets. Based on the TCP/IP layered protocol, the data packets are analyzed to monitor the network for illegal traffic or computer intrusion. ARP spoofing technology is used to quickly cut off external access to a unit's internal confidential information, protecting the security of internal information; the WDM hierarchical driver model is adopted to limit the access rights of unknown devices. Based on SNMP, multi-thread concurrency technology is used, in which each thread corresponds to a different acquisition task, to achieve automatic network data acquisition and improve the security prevention ability. The system architecture is built according to the idea of hierarchical design. The database and the functional logic of the system are designed separately, and Visual Studio tools and the .NET platform are used to implement them. After the system is built, its function and performance are tested. Test results show that the system greatly improves information security protection, greatly improves the efficiency of automatic network data collection, and strengthens the timeliness of the system's protection and monitoring functions. |