Zhijun Zhang

2011-01-01

Abstract:As the use of distributed deployment of a large number of heterogeneous security devices in order to build network security defense system generates a mass of security event information which is difficult to effectively manage and the security monitoring systems that are deployed in different places are difficult to manage integratedly, united platform model for network security management is proposed. According to the actual distribution of Yunnan security monitoring systems, the platform establish a level of information system by the use of distributed technology. Platform designs and analyzes its oriented network security managers system architecture and uses risk assessment and event correlation to analyze network operating conditions in real-time, reduce false alarm ratio so that network security managers can find security accidents precisely and respond promptly. And then the paper describes key technologies such as distributed data model,secure event standardization model,secure communication and control protocol in detail.

Yao Jian,Shi Xinju,Xie Li

DOI: https://doi.org/10.3969/j.issn.1000-386X.2006.12.006

2006-01-01

Abstract:It is necessary for integrated security management platform to solve the management problems of different security devices from different manufactures.The key problems of common management information model and common security management protocol are analyzed.At last,an implementation of integrated security management platform is described.

李章维,张建明,王树青

DOI: https://doi.org/10.3785/j.issn.1008-973x.2004.08.001

2004-01-01

Abstract:For improving the stability, reliability, and convenient safeguard in network systems, a new method for network fault detection based on the network device running status was proposed. Using the feature of real network and SNMP(simple network management protocol) and TELNET(telecommunication network protocol), the realization of multi-agent network management systems was discussed. The network management system is characterized by rapid network fault detection, determination and treatment, which has intelligence and capacity for self-study, and also shortens the time of network fault (response) and treatment, thus the reliability of the network was improved. With the use of multi-Agent technology, the new way for studying network management has advantages of simple calculation, rapid fault detection, etc.

Chun Long Li,Xiang Qun Wang,Zeng Hua Zhang,He Wang,Xiao Yan Sun

DOI: https://doi.org/10.4028/www.scientific.net/amr.760-762.1033

2013-01-01

Advanced Materials Research

Abstract:Routing and switching platforms are widely used in modern communication equipments, network management based on routing and switching platform has a significant meaning and a prospect of application. The article briefly describes the routing and switching platform ZebOS and the Simple Network Management Protocol SNMP, it explains the implementation method and workflow of SNMP network management used in routing and switching platform, and it realizes the configuration and management of routing exchange platform.

Hua Wang,Gangfeng Yan

DOI: https://doi.org/10.1109/wcica.2012.6359132

2012-01-01

Intelligent Control and Automation

Abstract:Substation is an important part of power system and its operation status exerts great effect on the safety of power system. Comprehensive monitoring management platform for substation (CMMP) is a digital monitoring platform which has uniform interfaces; flexible expansibility and hierarchical network control ability, and it is custom-designed for safe operation of substation. CMMP consists of direct current real-time monitoring subsystem, intrusion detection and hierarchical video monitoring subsystem, temperature and humidity and fire monitoring subsystem based on WSNs. CMMP adopt composite structure of C/S and B/S which would be convenient for computer and other mobile end to query monitoring information. Owing to the perfect private network of power system, CMMP can monitor both local and cross-domain substations. In addition, CMMP can classify and manage all kinds of alarm information from substation and realize distribution monitoring centralized management.

WANG Xiaodong,ZHU Miaoliang

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.07.055

2005-01-01

Abstract:This paper puts forward an intellective network safe guard system based on a multi-agent system structure. The purpose of the system is to defend the intrusion of campus-wide network. It is based on IDXP and the focus is blackboard. This system can deal with multi-levels and many ways of anti-intrusions, which has self-determination. It is proved to have a good performance by spot tests.

Genghong Lu,Dongqin Feng

DOI: https://doi.org/10.23919/icif.2018.8455208

2018-01-01

Abstract:Due to the wide implementation of communication networks, industrial control systems are vulnerable to malicious attacks, which could cause potentially devastating results. Adversaries launch integrity attacks by injecting false data into systems to create fake events or cover up the plan of damaging the systems. In addition, the complexity and nonlinearity of control systems make it more difficult to detect attacks and defense it. Therefore, a novel security situation awareness framework based on particle filtering, which has good ability in estimating state for nonlinear systems, is proposed to provide an accuracy understanding of system situation. First, a system state estimation based on particle filtering is presented to estimate nodes state. Then, a voting scheme is introduced into hazard situation detection to identify the malicious nodes and a local estimator is constructed to estimate the actual system state by removing the identified malicious nodes. Finally, based on the estimated actual state, the actual measurements of the compromised nodes are predicted by using the situation prediction algorithm. At the end of this paper, a simulation of a continuous stirred tank is conducted to verify the efficiency of the proposed framework and algorithms.

HUANG Jia-Lin,Liu Hai-Tao,Mei Zhen-Kun,Gan Miao-Jin,Sun Qian

2008-01-01

Periodical of Ocean University of China

Abstract:The management of a large campus network is complex and difficult.An effective network management system is basical for secure and steady network.The current network management systems focus on the management of the equipment,they have not related network management to the network user behavior.The System Based on User Network Behavior Monitoring and Controlling amalgamated the technical character of various system manufacturer.Because of making use of the functions and the management messages of the present network equipments and systems,analyzing and ruling the user's network behavior,and eliminating the effect of the bad network behavior,it can maintain a secure and steady network and reduce the network manager's workload.

Zhiyong Shan,Vinod Namboodiri

DOI: https://doi.org/10.24297/ijct.v20i.8841

2020-09-10

Abstract:In recent years, the emerged network worms and attacks have distributive characteristics, which can spread globally in a short time. Security management crossing network to co-defense network-wide attacks and improve the efficiency of security administration is urgently needed. This paper proposes a hierarchical distributed network security management system (HD-NSMS), which can centrally manage security across networks. First describes the system in macrostructure and microstructure; then discusses three key problems when building HD-NSMS: device model, alert mechanism, and emergency response mechanism; at last, it describes the implementation of HD-NSMS. The paper is valuable for implementing NSMS in that it derives from a practical network security management system (NSMS).

English Else

Xinming Chen,Beipeng Mu,Zhen Chen

DOI: https://doi.org/10.1109/cmc.2011.94

2011-01-01

Abstract:Malicious attacks are frequently launched to make specified network service unavailable, compromising end hosts for political or business purpose. Though network security appliances are widely deployed to resist these attacks, there is a lack of dynamic and collaborative platform to flexibly configure and manage all the security elements. In this paper, we present NetSecu, a platform based on Java and Click Router, which can dynamically enable, disable and configure security elements such as firewall, IPS and AV. Furthermore, a collaborate module is implemented to integrate individual NetSecu platform into a Secure Overlay Network, providing collaborative traffic control against DDoS attack. Equipped with collaborate module, NetSecu platforms are organized in a tree hierarchy where each level node is registered to its father node. A Central Management Site acts as the root node for large scale deployment. The policy is distributed from higher level to lower level NetSecu nodes, while security events are aggregated from lower level to higher level. Performance evaluation shows that our NetSecu system can achieve line rate with and without security function. Finally we deploy the NetSecu platform in multiple sites, where our design is fully demonstrated and tested.

Haixin Duan,Jianping Wu

DOI: https://doi.org/10.1109/APCC.1999.820481

1999-01-01

Abstract:Security management is one of the five management functions defined by ISO/OSI, which covers two aspects: security of management and management of security. As to management of network security, we give security management requirements for large computer networks, combined with our management experience of managing CERNET. From our experience, the widely used firewalls in the Internet are lacking in the capability to be remotely managed on a large scale, especially multi-vendor network environment. Addressing these problems, the concept of high level security policy management is proposed for large networks. To support high level policy management and collaborative management of multi-vendor firewalls, a definition for a common firewall MIB (CFWMIB) and a common format for the TRAP events record are proposed. For the aspect of security of network management, we present a security architecture which is implemented in our web-based network management system. Flexible authentication and role-based access control mechanisms of the architecture are described. Our ongoing and future research is also outlined.

Yan LIU

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.09.037

2015-01-01

Abstract:With the rapid popularization of the Internet, the security threat facing the network information security is also becoming more and more serious. This paper presents a based on metropolitan area network coverage throughout the city of the Internet and the key network infrastructure of network security emergency response system, and introduces the hierarchical architecture. The core functions of the system are described in detail. At key network nodes of MAN, the system can timely warn large-scale network attacks and virus spread, which can protect the Internet and key sites of network security. This paper also presents the measures of system validation.

Beipeng Mu,Xinming Chen,Zhen Chen

DOI: https://doi.org/10.1109/cmc.2011.130

2011-01-01

Abstract:Network Security Appliances are deployed at the vantage point of the Internet to detect security events and prevent attacks. However, these appliances are not so effective when it comes to distributed attacks such as DDoS. This paper presents a design and implementation of collaborative network security management system (CNSMS), which organize the NetSecu nodes into a hybrid P2P and hierarchy architecture to share the security knowledge. NetSecu nodes are organized into a hierarchy architecture so they could realize different management or security functions. In each level, nodes formed a P2P networks for higher efficiency. To guarantee identity trustworthy and information exchange secure, PKI infrastructure is deployed in CNSMS. Finally experiments are conducted to test the computing and communication cost.

DOI: https://doi.org/10.4018/joeuc.20211101oa25

2021-11-01

Journal of Organizational and End User Computing

Abstract:The network in information age has become an important part of life, but in the process of in-depth application of computers and networks, information security issues have also become a significant obstacle to their developments. The intelligent solution to information security is a self-organized management and computing security protocol that is completed through the intelligent technologies at both ends of the sensing device and network authentication center. The results show that the network security information communication and publicity management platform built by the self-organized network management and computing of the intelligent solutions to information security can effectively heighten network users’ awareness of information protection, enhance the security of network environment, and promote the improvement of scientific network security rules. The study results of this paper provide a reference for further researches on self-organized network management and computing of intelligent solutions to information security.

information science & library science,management,computer science, information systems

TAN Da-peng,LI Pei-yu,PAN Xiao-hong

2009-01-01

Computer Integrated Manufacturing Systems

Abstract:Aiming at the problems of Networked Manufacturing System(NMS) based on server/client pattern such as poor collaboration ability,shortage of dynamic configuration support etc,a kind of intelligent NMS realization method based on new generation network middleware-Universal Plug and Play(UPnP) was brought forward.By analyzing the construction characteristics and fundamental requirement of modern NMS,network system model oriented to automatic manufacturing was established,and the network architecture was designed and realized by UPnP technology.By applying standard communication protocol and application program interface of UPnP,device management criterion and data transform protocol were set up,and the intelligent management for NMS was realized by using UPnP service-calling mechanism.Combining with embedded system technology,real-time data collection node,monitoring center node and data storage server were designed to supply powerful real-time data support for NMS.Industry experiments proved that this system could realize self-recognition,seamless integration and other self-adaptive functions.

GUO Xi,YANG Jia-hai,WANG Jian-min

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.23.064

2012-01-01

Abstract:Traditional asset management system is separated from the network operation and management systems,and there is no efficient mechanism in data sharing and data synchronization between them,resulting in the lack of workflow monitoring and life cycle management of asset management system.This paper proposes an implementation of asset management system based on network management platform.It integrates the two systems by sharing the unified asset data and leverages the workflow skills to realize business process management and life cycle management.The operating results show that this scheme is a feasible way to solve the issues about data redundancy and information island as well as improving the ability of informationalization and flow process.

ZHAO Wen-guo,ZHAO Yang

DOI: https://doi.org/10.3969/j.issn.1005-8451.2012.11.008

2012-01-01

Abstract:Using the current computer network,it was established the sharing platform to the three-level security risk networking of the railway administration,stations and workshops,and the safety information as well.It was also enhanced the consciousness of risk management and provided the information support for the full control of the global security,by Fuzzy and Comprehensive Judgment Model and giving risk status warning.

Hui Yuan,Lei Zheng,Shuang Qiu,Xiangli Peng,Yuan Liang,Yaodong Hu,Guoru Deng

DOI: https://doi.org/10.1007/978-3-030-15235-2_142

2019-04-25

Abstract:With the rapid development of the network, in recent years, the Internet has greatly improved people’s lives, and the real-time, sharing and distance-removing characteristics of network information transmission have made the operation and management of enterprises more efficient and coordinated. The basis of refinement. At the same time, various network security incidents have followed, such as hacker attacks on computer network systems, and various types of viruses, Trojans and other active attacks emerge one after another. In this regard, this paper analyzes the enterprise network security system of firewall from the perspective of enterprise network security, briefly summarizes the background, advantages and disadvantages of firewall technology, and designs and implements a client software according to the actual needs of users. The network performs real-time intelligent security monitoring. After the system design is completed, the security is tested by building a simulation platform, including qualitative testing and quantitative testing, which are divided into security and performance to verify whether the system can achieve and guarantee performance.

Yu Sun,Xiaorong Liu,Xiaoli Shen

DOI: https://doi.org/10.1155/2022/3170164

IF: 1.968

2022-11-19

Security and Communication Networks

Abstract:With the rapid advancement of society and the level of programming and the rapid development of computer technology, networking and information are playing an increasingly important role in the social life of the masses. Creating and developing a network information security monitoring system have become one of the most important ways to keep a computer running smoothly. Traditional information security systems cannot adapt to the ever-changing network environment. If only relying on it to maintain network security, it will be far from effective monitoring and defense. Based on the theory of network information security, this study analyzes the characteristics of network information and the information security monitoring technology at the current stage. Based on the background of big data era, a new type of computer network information security monitoring system is proposed. This system is compared with the traditional network information security monitoring system, and the performance and stability of the system are investigated, respectively. The experimental data show that the network information security monitoring system designed in this study can achieve more than 99% detection rate of external attacks in a network environment with a background traffic of 10M. Its false alarm rate is lower than 4%, and the false alarm rate is lower than 7%. The qualitative mean reaches 93.02%, indicating its good monitoring accuracy and stability. By popularizing it in the current network environment, it can effectively identify and defend information attacks and maintain the development of network information security.

computer science, information systems,telecommunications

ZHANG Miao-hui,YANG Jia-hai,ZHANG Hui,WANG Ji-long

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.23.037

2007-01-01

Abstract:The conventional network management technologies are mostly restricted within a single management domain.It is hard for management system in one domain to interact and share information with the counterparts in other domains,which restricts the development of many new management functionalities.The paper proposes a model of Internet management information search platform based on Web Service and P2P,which aims to provide a universal platform of information sharing and searching among different management systems.The model can effectively interconnect the isolated NMSs,integrate the heterogeneous information,maintain good performance,and achieve good scalability.