1、題 目： 信息網絡安全 學 院： 信息學院 專 業： 軟件技術 姓 名： 曾書涵 學 號： 1101010151 班 級： 信息A1111班 Abstract With the development of modern network information technology, computer network has become an indispensable part of people's life and work. People become increasingly dependent on the network, information security be

2、comes more and more prominent, large amounts of information stored in the network, may be illegal intrusion at any time, there is a serious security risks. Therefore, the information security of computer network becomes more and more important. This paper introduces the present situation of network

3、information security and protection measures.Keywords: computer network, information security, current situation, protection measuresContentsContents1First Network information security11.1 Overview of network information security11.2 Five characteristics of network information security1Second The cu

4、rrent situation of the network information security22.1 Network threat diversified22.2 At present, the network security vulnerability is high32.3 Diversity transmission of the virus in the form of32.4 Bot net is increasing32.5 Now the rogue software is more and more, disturbs the order of network32.

5、6 Network information security awareness of the whole society is weak4Third The protection of network information security43.1 Firewall technology43.2 Data encryption technology43.3 Intrusion Detection Technology53.4 Virus protection53.5 The identity authentication technology5summarize7References8Fi

6、rst Network information security1.1 Overview of network information security Information security is refers to the safety protection and taken to establish the information processing system of the technology and the management, in order to achieve electronic information confidentiality, integrity, a

7、vailability, controllability and non-repudiation. In the information age, the computer network has become an indispensable tool for information exchange. However, because the computer network is open, interconnected, various connection methods and terminal distribution inhomogeneity, plus technical

8、weaknesses itself and human negligence, resulting in the network is susceptible to computer viruses, hackers and malicious software. In the face of threats of invasion of network security, must consider the security of information this critical problem. The security of network information is divided

9、 into two levels of network security and information security. Network security including system security, namely hardware platform, operating system, application software; operation service security, which ensures continuity, high efficiency service. Information security mainly refers to data secur

10、ity, including data encryption, backup, procedures etc.1.2 Five characteristics of network information security (1)completeness The information exchange, in the transmission, storage and processing remain unmodified, non destructive and non loss property, maintain information as is, so that informat

11、ion can be generated correctly, storage, transmission, this is the most basic security features. (2)ConfidentialityThe information is not leaked to the person, or entity unauthorized process according to the given requirements, or provide the advantage of features, which put an end to the useful inf

12、ormation leaked to unauthorized individuals or entities, emphasizing the useful information only authorized feature objects use.(3) serviceabilityRefers to the network of information authorized entities can properly access, and normal use or can recover the use of features in abnormal conditions acc

13、ording to the requirements, which can correctly access the required information in the operation of the system, when the system is under attack or failure, can quickly recover and put into use. Usability is a security measure of network performance of the user oriented information system.(4) non rep

14、udiation The both sides of communication in the information interaction process, make sure the participants themselves, as well as provide participants with information true identity, that all participants can not be denied or deny my true identity, and provide information on the original and comple

15、te the operation and commitment. (5)controllability Refer to information dissemination of the circulation in the network system and specific content can realize effective control, namely any information network system should be controlled in a certain range and storage space. In addition to the conv

16、entional communication and dissemination of the contents of this form of site monitoring, the most typical example password managed policy, when the encryption algorithm by third party management, must be strictly in accordance with the provisions of the controllable execution.Second The current sit

17、uation of the network information security The network information technology development in China compared with that in developed countries, started late, backward technology, lack of talents, which leads to safety in network information in China is relatively fragile stage. But the network informa

18、tion security problem is still outstanding, harm and loss caused can not be ignored.2.1 Network threat diversified In recent years, the network threat diversified, the biggest temptation and network attack is the economic interest. Network attack organized, specific goal and behavior tendency has al

19、ready become a major trend of current network attack. Network deception constantly upgrading, in the current network deception exists everywhere in blackmail software, net swims pilfer date and net silver-colored pilfer date trojan, shows some lawless elements of network attack is driven by economic

20、 interests. In addition, some hackers are combined to form a group or organization, in the network attack, the internal personnel have a clear division of labor, making malicious code or even destructive virus, spread the code so as to obtain the required information to achieve the attack. Network a

21、ttacks have been from the initial interest in network technology to the illegal gain economic benefits in the direction of change.2.2 At present, the network security vulnerability is high Is often old vulnerabilities are managers or network technology personnel repair, new security vulnerabilities,

22、 the more serious hazards arise. What is more, some hackers or network technology researchers found new security vulnerabilities, does not immediately released, but their use, until the time comes, was released. On the other hand, is managers do not have time to upgrade and maintenance of the networ

23、k system, to create security vulnerabilities.2.3 Diversity transmission of the virus in the form of Now the virus's function is more and more powerful, concealment and self-protection ability is more and more advanced, so that it can be and mobile devices for communication continuously through t

24、he network system. Relying on the e-mail to the spread of the virus by traditional means is not commonly used, hackers often use network security vulnerability hang virus on the site, and then allows the user to attack or virus.2.4 Bot net is increasing A bot net is a new term appeared in recent yea

25、rs, mainly refers to the hacker control a large number of computers on the network, and use the computer network attack to attack the formation of large-scale network. Bot net great harm, on one hand, it is difficult to detect bot net behind the scenes; on the other hand, the bot net attack, speed,

26、obvious effect, can be in a few minutes or even seconds of time to let the other side network paralysis.2.5 Now the rogue software is more and more, disturbs the order of network Rogue software refers to those who provide the normal function of the software, but in the installation or download time

27、without the user's consent to install or upload some files. This software can do not to know when the user imperceptibly, causing substantial risk to the user. Typically there is thunder, QQ real-time chat tools and some of the players.2.6 Network information security awareness of the whole soci

28、ety is weak At present, although the society often stressed the need to improve information security awareness, but not to its application to practical problems. We know that, in the event of network attack is still the network management is not in place or negligence, the computer system of many en

29、terprises and companies don't even fortification. Some even have a security service system of professional, but in use after a period of time, found not so, free, who changes to security policy, cause the threat to network security mismanagement. These are not strong awareness of network securit

30、y caused, and this situation in the present society is still widespread.Third The protection of network information security Although the computer network information security is threatened, however, take appropriate protective measures can effectively protect the security of network information. So

31、 the network information security protection measures is essential to this, we used several protection technology are analyzed.3.1 Firewall technology The firewall is not a panacea, but is essential for network security. It is located between the two network barrier, one side is the internal network

32、 (trusted network), the other side is the external network (not trusted network). The system administrator firewall according to predefined rules to control the import data packet. Most firewalls use one or more of the three mode of operation: the use of a filter to check the data packet source and

33、destination; according to the provisions of the system administrator to accept and reject packets, scanning data packet, search and application of relevant data; in the network layer packets of data mode check known, to see whether the "friendly" packet mode.3.2 Data encryption technology

34、Data encryption is the most basic safety network, mainly to ensure the safety of the data encryption of the information in the network. Encryption is a technique for data transmission on the network access to strengthen restrictions. The original data is encrypted equipment and key encryption and th

35、e encoded data is referred to as the ciphertext. Decryption is the reverse process of encryption, is to restore the original plaintext ciphertext decryption, but must use the same type of encryption devices and key, can decrypt the ciphertext.3.3 Intrusion Detection Technology Intrusion detection sy

36、stem is to collect information from a variety of computer system and network system, the analysis of information on the computer and cyber source, malicious acts of network information security system identification. Intrusion detection system has many functions: deterrence, detection, response, dam

37、age assessment, attack prediction and prosecution support. Intrusion detection technology is to ensure the security of computer information systems design and configuration of a can discover and report unauthorized or system anomalies technology, which is used for a breach of security strategy behav

38、ior detection in computer network technology.3.4 Virus protection A reasonable set of antivirus software, if installed antivirus software has to scan email functions, these functions will be fully opened to;Regular inspection of sensitive documents;Take the virus detection and monitoring measures ne

39、cessary;To buy the new hard disk, floppy disk, software and other resources, should first use of virus test software to check for known viruses before use, the hard disk can use low-level formatting;Wary of email attachments, if you receive mail in the executable file or with the "macro" k

40、ill again, make sure no open after the virus;Upgrade in time the mail program and operating system, with all known security vulnerabilities repair.3.5 The identity authentication technology Identity authentication is the verification process system user identity, its essence is to find out whether t

41、he user has requested resource storage use right. Identification (Identification) refers to the process of the user to the system to produce their identity. The two work is often referred to as the identity authentication. Identity authentication should include at least the protocol verification and

42、 authorization protocol. All kinds of application and the computer system in the network through the identity authentication to confirm the legitimacy, and then determine the personal data and its specific permissions. The identity authentication system, a legitimate user's identity is easy to b

43、e pretending to be its most important technical index. The identity of the user is to not only may damage the user's own interests, but also may damage the interests of other users or the entire system. Therefore, identity authentication is the basis of authorization control. Only valid identity

44、 authentication, to ensure the effective implementation of access control, security audit, intrusion prevention security mechanism.summarize In recent years, the computer network is more and more popular, in the era of the digital economy made a great role in promoting, network information security has received more attention. At present,