分布式网络安全审计系统.pdfVIP

Abstract The network security of e-government is closely related to all aspects of security system of the internet, which has attracted people’s exclusive attention. It concerns not only people’s personal interest and a company’s development, but also social stability and national security. In this sense, the security of e-government has been a topic arousing overwhelming attention. The secure management can be realized by four steps: secure evaluation, secure policy, secure standard, and secure audit. Therefore, secure audit is a key element in the system of e-government. The thesis mainly introduces Network Security Audit System (NSAS) which collects, analyzes and distinguishes the network data by means of by-pass monitoring, monitors real-time the running state of internet system, records the accidents happening in the network, finds out the potential safety hazard, and records, analyzes, audits and plays back the relative information on the network activity. The research emphasizes the model of customer/server (C/S) that NSAS employs. It mainly consists of the central console and a distributed auditing core. The latter is a structure distributed in the network servers and managed by the central console. The former supervises all auditing cores, including the operation and generation of auditing cores and loading secure rules to auditing cores, receiving, displaying and recording the alarming information and conversation information sending by auding cores, and reporting real-time to the console when suspicious systematic activity and irregular activity are mon