Policy-Tree Based Proactive Defense Model for Network Security

With the spread of the COVID-19 epidemic, the government has put forward higher requirements for network security and reliability through the flow of network managers and the release of information. Traditional intrusion detection technology and firewall technology cannot effectively defend against DDoS attacks. This paper analyzes the principles and defects of intrusion detection system and firewall. In this paper, the architecture design of intrusion prevention system which integrates audit and network defense functions is proposed. The system optimizes the detection and analysis component of detecting attack behavior according to the special requirements of attack defense task, and adds the module of attack behavior characteristic analysis and defense strategy generation. The policy execution component uses a special defense engine to execute defense policies, providing the system with deep defense capabilities. Experiments show that the validity and reliability of the key modules in the proposed defense model meet the technical requirements. It has a certain reference value to improve the reliability of network management system under the influence of COVID-19 epidemic situation.

Download Full-text

Hybrid Network Defense Model Based on Fuzzy Evaluation

The Scientific World JOURNAL ◽

10.1155/2014/178937 ◽

2014 ◽

Vol 2014 ◽

pp. 1-12 ◽

Cited By ~ 1

Author(s):

Ying-Chiang Cho ◽

Jen-Yi Pan

Keyword(s):

Network Security ◽

Test Subject ◽

Cyber Attacks ◽

Hybrid Network ◽

Security Architecture ◽

Fuzzy Evaluation ◽

Distributed Network ◽

Network Defense ◽

Security Technologies ◽

Defense Model

With sustained and rapid developments in the field of information technology, the issue of network security has become increasingly prominent. The theme of this study is network data security, with the test subject being a classified and sensitive network laboratory that belongs to the academic network. The analysis is based on the deficiencies and potential risks of the network’s existing defense technology, characteristics of cyber attacks, and network security technologies. Subsequently, a distributed network security architecture using the technology of an intrusion prevention system is designed and implemented. In this paper, first, the overall design approach is presented. This design is used as the basis to establish a network defense model, an improvement over the traditional single-technology model that addresses the latter’s inadequacies. Next, a distributed network security architecture is implemented, comprising a hybrid firewall, intrusion detection, virtual honeynet projects, and connectivity and interactivity between these three components. Finally, the proposed security system is tested. A statistical analysis of the test results verifies the feasibility and reliability of the proposed architecture. The findings of this study will potentially provide new ideas and stimuli for future designs of network security architecture.

Download Full-text

Computer Multimedia Security Protection System Based on the Network Security Active Defense Model

Advances in Multimedia ◽

10.1155/2021/8792105 ◽

2021 ◽

Vol 2021 ◽

pp. 1-9

Author(s):

Yanhong Shang ◽

Jing Zhang

Keyword(s):

Network Security ◽

Computer Science ◽

Multimedia Security ◽

Experimental Results ◽

Protection System ◽

Multimedia Technology ◽

Continuous Development ◽

Design Effect ◽

Active Defense ◽

Defense Model

In response to the continuous development of computer science and multimedia technology, many problems related to computer multimedia security are gradually exposed in the development. Through the existence of hidden dangers of computer multimedia security, a computer is constructed based on the network security active defense model. For a multimedia security protection system, select four modules in the system for design and description. Finally, the experimental results show that the system designed in this study can realize the security protection of computer multimedia, and the system is simple to operate and has strong practicability and meets the expected design effect.

Download Full-text

Multi-layer Network Attack and Defense Model Based on Entropy Method to Measure Network Security

Journal of Physics Conference Series ◽

10.1088/1742-6596/1302/2/022068 ◽

2019 ◽

Vol 1302 ◽

pp. 022068

Author(s):

Xiaolin Zhao ◽

Jiong Guo ◽

Xiaoyi Jiang ◽

Jingjing Zhao ◽

Hao Xu

Keyword(s):

Network Security ◽

Entropy Method ◽

Network Attack ◽

Model Based ◽

Defense Model ◽

Attack And Defense

Download Full-text

Network Security Defense Model and Simulation Analysis Based on Big Data

Advances in Intelligent Systems and Computing - 2020 International Conference on Applications and Techniques in Cyber Intelligence ◽

10.1007/978-3-030-53980-1_145 ◽

2020 ◽

pp. 982-986

Author(s):

Lu Zhao

Keyword(s):

Big Data ◽

Network Security ◽

Simulation Analysis ◽

Model And Simulation ◽

Defense Model

Download Full-text

Research on Network Security Defense Model Based on Combination Strategy of Firewall and IPS

Forest Chemicals Review ◽

10.17762/jfcr.vi.215 ◽

2021 ◽

pp. 324-331

Author(s):

Dafei Wu

Keyword(s):

Network Security ◽

Intrusion Detection ◽

Network Management ◽

Management System ◽

Detection System ◽

Network Management System ◽

Combination Strategy ◽

Protection Measures ◽

Model Based ◽

Defense Model

Firewall and intrusion detection system are widely used network security protection equipment, which plays a vital role in preventing network attack and intrusion. However, they have inevitable defects, which reduces the protection function provided in actual use. Therefore, in order to further improve network security, this paper designs a new network security protection technology which can integrate the advantages of multiple security technologies and make up for their shortcomings. This paper proposes a network security defense model based on the combination strategy of firewall and IPS. The purpose of policy based intrusion prevention system (pb-ips) is to realize the real combination of security management and network management system. This can take the network management system as the intermediary, integrate the firewall technology and intrusion detection technology, and realize a new network security protection measures.

Download Full-text