Computer network security is the premise of promoting the healthy development of network cause. Based on the analysis of the causes of network security and the threats faced by the current network, this paper puts forward concrete measures and effective schemes for protecting computer network security from two aspects of technology and management. The following is the opening report of the paper "Computer Network Security Development" compiled by me for your reference.

The first part of the opening report of the paper on the development of computer network security is "computer network security and firewall technology"

Abstract: With the advent of the Internet era, the computer industry with information technology as the core has been greatly prosperous and developed, and computer equipment has been widely used in various fields of social life. However, with the continuous expansion of computer applications, related computer network security issues are becoming increasingly serious, which has attracted great attention from all walks of life. Therefore, it is of great practical significance to carry out research work on strengthening computer network security to guide the benign development of information technology industry. In this paper, the security of computer network and related firewall technology are discussed in detail, in order to provide reference for related network security protection.

Keywords: computer; Network; Security; firewall

1 overview

Generalized network security is generally considered that the software, hardware and related data and information in the network system can be properly protected, and will not be damaged, leaked or even destroyed due to unexpected situations or malicious attacks, so that the system can run continuously and stably, and the network service will not be interrupted. There are many interpretations of the connotation of network security. For example, from the specific user side, the connotation of network security focuses on personal privacy, or that business information can be protected by confidentiality and integrity during transmission in the network environment. It is strictly forbidden to prevent the transmitted information from being considered stolen and arbitrarily tampered with. When storing information in the computer system, we must strictly ensure the defense against illegal intrusion. From the perspective of network operators and managers, certain protection and control measures should be taken for information access and other related operations in the local network environment. It is strictly forbidden to maliciously occupy, control and refuse to serve network resources, and effectively and reliably resist the attacks of network hackers. This is the part of network security that network operators and managers need to do. For the secrecy department of state organs, network security work should provide necessary filtering and security defense against those illegal, damaging or involving state secrets, prevent state secrets from leaking in network channels, and at the same time minimize possible social harm and avoid national economic losses.

2 network security technology

When the network security technology was originally designed, it only considered the convenience and openness of the whole network, but did not consider security, which led to the fragile foundation of the current network environment and poor defense ability against network attacks. Aiming at a large number of professionals in the field of computer security, various forms of security research have been carried out, including security measures such as identity authentication, data encryption, security audit, security protocols and firewalls. Among these security technologies, firewall technology is the most effective way to ensure the internal security of the network. Firewall technology integrates network, password, software, ISO security standards and other security technologies. In general conceptual theory, network security technology can be roughly divided into the following three categories: information transmission technology, firewall technology and local security technology. Among them, information transmission technology mainly includes information encryption, digital signature, information transmission mode and many other contents, which are mainly classified by the security transmission level of information. Local security technologies include audit trail, access control, vulnerability protection and virus defense.

3 firewall technology

Among many network security technologies, firewall technology is undoubtedly the most critical core technology of network security. This section will focus on some firewall technologies, including information transmission technology, packet filtering technology, proxy technology and so on.

1 information transmission technology

In the packet-switched network of Internet information, all information content will be divided into data systems with equal distance, and each data system usually includes IP source address, destination address, internal protocol, destination port and various types of message paths. After these data system segments are transmitted to the Internet, the corresponding receiving system firewall will read the IP address, and then select a physical path for data transmission. Equal data segments may arrive at the same destination from different physical paths, then reassemble the data after all the data segments arrive at the destination, and finally promote data recovery.

2- packet filtering technology

As a key technology in firewall technology, packet filtering technology can control and operate the data flow in and out of the network with the help of the isolation function of firewall. The administrator of the information system can establish a corresponding rule system and clearly point out what kind of data content can enter and exit the intranet system; Which part of the data content should be intercepted during transmission? At present, some packet filtering firewall technologies not only need to take corresponding access control measures according to the specific address, protocol, port, service, time and other information elements of IP data, but also need to supplement all network connections and current meetings and take dynamic analysis and regulatory control. The carrier of packet filtering firewall can be placed in the router, because most internet-based network connections need to be applied to the router, so the router has become the only way to realize link communication inside and outside the network. For a packet filtering rule, it is difficult to judge the degree of security and the necessity of installation, so in some use environments with strict security requirements, some other related technologies are usually added to ensure the reliability of security protection. In the actual implementation of packet filtering firewall technology, the packet filtering module usually intercepts most data information before the operating system or router forwards the packet. We should not only check whether the packet filtering module meets the requirements of filtering standards, but also record the intercepted data. Data and information that pass the inspection rules can be forwarded for processing, and data and information that do not meet the requirements of the rules should be reported to the police and notified to the management personnel. If there is no corresponding filtering standard, you can use the default parameters set by users to determine whether the data content should pass the audit or be discarded. Filtering rules are rules and standards formulated by network system administrators according to their own security policies. In the traditional firewall technology, firewall filtering and auditing based on rules and standards belong to different data in the same connection mode, and there is no correlation between these data contents. Every data must be filtered and processed according to rules and standards, which makes the security audit of the system too complicated. Packet filtering firewall technology can realize packet filtering inspection based on connection state, so that packets belonging to the same connection situation can be treated as a whole. With the cooperation of rule table and connection state table, the system performance and security efficiency are greatly improved.

3 agent technology

Proxy technology usually refers to the use of proxy or proxy server technology, which can be the agent of intranet users and interact with external network servers. Proxy technology can make the request sent by the internal user be confirmed and sent to the external server, and can also send the response from the external server to the user again. At present, in some packet filtering firewall technologies, proxy services can be implemented for FTP, HTTP and DNS system applications. The content of the proxy service mentioned above is clearly visible to users, that is, users can communicate with the internal and external networks safely without consciously perceiving the existence of a firewall. When intranet users need to use transparent proxy to access external information, users do not need to make special settings, and the proxy server will establish a transparent path by itself, so users can communicate directly with the outside world. This can not only make users get great convenience in obtaining information, but also minimize the mistakes in the use process and avoid the security risks and mistakes in the daily application of firewalls. The proxy server can hide the details of the internal network, so that the relevant intruders cannot obtain the internal structure of the system. And by shielding some special commands, users can be prevented from inadvertently using commands that threaten the security of the system, and finally attacks can be avoided from the bottom of the network.

4 firewall construction

The traditional packet filtering firewall system only evaluates the security according to the collected data information, such as source address, destination address, TCP port number and various filtering information in the data information. These security assessment contents are relatively basic, so they are easy to be supplied by viruses, such as source address and source route. Therefore, a new design method of packet filtering firewall should be adopted to urge firewall devices to check not only the filtered data, but also the relevant routing devices, and discard the packets that meet the data filtering rules but fail the routing security detection, so as to improve this kind of problem to the greatest extent.

The specific firewall construction process is as follows:

Firstly, modify the Linux kernel to make it have the function of routing record. Linux system does not contain the function of supporting IP packet routing record, and its kernel needs to be modified. To realize this function, the option control module, namely build_options, needs to be given in the IP program, so it should be modified accordingly to make it have the function of routing record.

Secondly, install dual network cards in Linux system and set up the routing reasonably. Routing between Linux hosts usually requires at least two network interfaces in the hosts. When performing specific operations, the Ethernet card in Linux system may lack self-checking function. There are usually two ways to solve this problem. First, set in the loader file /etc/lilo.conf: append = "ether = irq0, IO-port0, eth0ether. The second way is to modify the core source program and the ethl structure in/usr/src/Linux/drivers/net/space.c.

Thirdly, build packet filtering firewall software based on routing records. In essence, the software is built on the basis of the original packet filtering firewall software of Linux system. This is mainly due to the fact that the core program of Linux system itself is a packet filter program, which has the advantages and characteristics of conventional firewall technology, is simple, efficient and powerful, can implement relevant security policies in turn according to the specific settings of the system, and can effectively filter the contents of data packets.

5 concluding remarks

In short, with the continuous development of related computer network technology and the continuous expansion of its application scope, network technology has brought great convenience to people, but it has also produced certain information security risks. Because the security of network system is not only closely related to technology and management, but also closely related to the daily application and maintenance of network equipment. Although firewall technology is the main means to prevent malicious network intrusion at present, because network security is determined by many factors, it is obviously impossible to meet people's demand for network security simply by relying on firewall technology. Therefore, in order to provide users with better network security services, it is necessary to combine network security research with related firewall technologies, so as to finally realize the continuous improvement of computer network security.

References:

[1], Bai, Zhao, et al. Rule formalization of enhanced packet filtering firewall and design and implementation of inference engine [J]. Computer R&D, 20 14 12.

Qin Zheng, Ou Lu, et al. A comparison method of stateful firewall rule sets based on SFDD [J]. Journal of Hunan University: Natural Science Edition, 20 14 10.

Qin Zheng, Ou Lu, Zhang Dafang, et al. Two-way redundancy elimination method for high-throughput collaborative firewall [J]. Journal of Hunan University: Natural Science Edition, 20 13 1.

The second part of the opening report of the paper on the development of computer network security is "technical analysis of information and computer communication network security"

Abstract: In the information age, the Internet has become a topic of concern. As a virtual society, the Internet, like everyone wearing a mask, cannot distinguish good from evil at a glance. So learn to protect yourself and protect the security of information in the network. This paper analyzes various factors that threaten the security of computer communication network, and puts forward measures to strengthen network security.

Keywords: information security; Computer communication; Network; technical study

Computer communication network security refers to protecting the data on the computer from being illegally stolen and copied by others or computer network systems without the permission of users, and at the same time protecting the integrity of user data. At the same time, it protects the normal execution of the computer system, and protects the computer from illegal use, ensuring that the transmitted data will not be captured and eavesdropped in the middle.

1 factors threatening computer network security

At present, home computer systems include windows, Unix, Linux, Mac and so on. Microsoft's windows system, which occupies a huge market share. What we generally call computer security problems is generally caused by this system, because windows is an open system. On the one hand, openness helps all people who use computers to communicate with each other conveniently and quickly on the same platform network; On the other hand, it also creates a large number of system vulnerabilities, which has a negative impact on the development of computer networks.

1. 1 illegal computer engineer factor

Illegal computer engineers are often called hackers. They have superb computer network technology, and can invade other people's computers and steal users' information without users' permission. At the same time, they can create a program that can copy themselves and steal other people's information. This program is a computer virus. Computer viruses can spread widely on the Internet because of their self-replication effect. The computer infected with the virus will reduce its working ability, because the self-replication of the virus will take up a lot of hard disk space and memory, and in serious cases, it will destroy the original system of the computer, and even cause the computer to stop and restart. At the same time, the user data in the computer may be destroyed or copied remotely. Some hackers will deliberately destroy computer systems or seek benefits by stealing all kinds of information from computers.

1.2 system and software vulnerabilities

The opening of computer and network increases the instability of the system and the difficulty of protecting information security. Now, with the rise of online shopping and online banking, the information on the Internet has greater value. If there are loopholes in the corresponding payment software and network protocol in the background of online banking, it will easily lead to a large amount of information leakage. For example, when there was a loophole in Netease's mailbox, it caused a lot of people's panic, because many people set up a bank card secure mailbox in Netease. Contact email with important information such as account number and password. Leaking email information is equivalent to telling others the bank card password. Therefore, the security of system and software itself is also an important problem to be solved in maintaining network security.

Use computer location information.

The security threat of communication network lies in the modification and deception of computer location information. Computer viruses can find the original path information and the location of computer users, thus transmitting harmful information to the computer and causing damage to the computer. In addition, IP flow is used to directly destroy the server and then illegally invade. Destroy the user's computer system after copying the desired user information, or install Trojan horses and monitoring tools. Real-time peeping at computer data. Or illegally turn on the user's camera or recording equipment, which infringes the privacy of computer users in their lives and work. This kind of behavior is a crime and a computer intrusion that people hate very much.

3 effective and commonly used computer network security technology

There are many ways to protect computer network security, but the best way is to use genuine system programs, net safe website, and don't download software of unknown origin. At the same time, using genuine and safe software, if you can do a few things, it will be difficult for hackers and viruses to find your computer and maintain their own security. At the same time, in daily use of computers, we should take some necessary measures to protect our important data and information from being stolen and embezzled.

3. 1 Cryptography

Cryptography is to encrypt data. It is one of the main technical means to improve the security and confidentiality of information systems and data and prevent confidential data from being deciphered by the outside. There are mainly two kinds of symmetric encryption technology and asymmetric encryption technology, in which encryption technology is based on password, and then encryption or decryption is carried out by using key; For asymmetric encryption technology, the encryption key is known, while the decryption key is only known by the owner, thus improving the security of information and computer communication networks.

3.2 Configure the firewall

Setting a firewall can reduce the access of viruses or illegal programs and effectively reduce the damage to information and data. Firewall refers to setting a partition wall between the public network and the private network, which can effectively check the authorization requested by users and the access rights of data and information in and out of the private network, and further prevent unauthorized users from entering or accessing. Using network packets to implement effective monitoring, control each port of the network system, and effectively verify the identity of users. If the computer system is affected by unsafe programs, the firewall will intercept it in time, and the program can only enter the computer system network with the consent of the owner, which is of great significance to the safety and normal execution of the computer.

3.3 Security Audit and Intrusion Detection Technology

Security audit technology can record the intrusion process and activities of users, which can be divided into two stages: entrapment and counterattack. Trapping refers to deliberately arranging loopholes for intruders to invade in order to obtain more invasion characteristics and evidence; Counterattack refers to the computer system tracking the intrusion and inquiring its source and identity after mastering more evidence and making full preparations, so as to cut off the contact between the system and the intruder. In addition, IDS can also be called intrusion detection technology, which can provide dynamic intrusion detection and take effective preventive measures. When the computer network is detected to be illegally invaded, effective preventive measures can be given to block it, and the attack source can be tracked, located and countered.

3.4 Virtual LAN technology

Virtual local area network (VLAN) technology is developed on the basis of switching technology between ATM and Ethernet, which can develop LAN technology into connection technology and further prevent illegal operations such as network monitoring and intrusion. For example, the information in the enterprise intranet is separated from the e-mail and data server to form VLAN 1, and then the enterprise extranet is divided into VLAN2, which effectively controls the information flow in the enterprise intranet and extranet; That is, the internal network of the enterprise can access the relevant information of the external network; The external network cannot access the data and information of the internal network. This ensures that important information and data within the enterprise are not used and illegally accessed, and greatly improves the security and reliability of the communication network.

3.5 Genuine systems and software and common error repair

Any illegal operation on the computer can only be realized through loopholes, so the most effective way to protect the security of computer information is to block the loopholes in which hackers and viruses invade the computer. This needs to ensure that the computer system is genuine and update the system vulnerabilities in time. In China, many people use pirated computer operating systems, which is one of the main reasons why hackers and viruses are rampant. A large number of pirated operating systems are full of loopholes and become hotbeds of hackers and viruses. Therefore, in order to protect computer information, using genuine systems and programs is one of the fastest and most effective methods.

4 conclusion

Although the security situation of computer communication network is grim, the present situation can be improved through innovative technical means. Although we can't find all hackers and eliminate all computer network viruses, we can improve our anti-virus and anti-hacking methods, and make hackers and viruses unable to start by various means to ensure the safety and normal use of computer information. Computer communication network security is our long-term war with hackers, viruses and loopholes. As long as we keep using new technologies and stick to the original ones, we can gain a favorable position in this war.

refer to

[1] Xu Youxi. Research on Network Security Technology [J]. Sound Screen World, 20 15S 1.

Feng Yang. Research on Cloud Security Technology [J]. Electric Power Information and Communication Technology, 20 1405438+0.

[3] Lin Tan. Research on security technology of online examination system [J]. Modern commercial trade industry, 20 1302.

Li Xiaohui. Research on network security technology [J]. Fujian Computer, 200903.

The third part of the opening report of the paper on the development of computer network security is "Research on computer network security protection technology"

The development of computer network has brought great convenience to modern life, but it also hides huge security risks. In recent years, the network crime rate has been rising, and one of the important reasons is that the security protection of computer networks is not in place. Based on the current situation of computer network security, this paper discusses the computer network security protection technology. In the concrete analysis, we first start with the concept of computer network security, then analyze the current situation of computer network security, and finally summarize the common protection technologies of computer network security.

Computer network security; Protection technology; analyse

The rapid development and popularization of computers have brought great convenience to people's life and work, and the rapid development of network information technology has made network security more and more valued by people. Computer network security is a professional computer application technology, in which information security technology, network technology and communication technology are all important components. This paper mainly discusses the computer network security protection technology as follows:

1 computer network security concept

There is a unified concept of computer security in the world, which is specifically: "technical and management security protection for the establishment and adoption of data processing systems to protect computer hardware and software data from accidental and malicious reasons." Computer network security means that under the condition of network connection, the computer system may suffer the destruction and disclosure of important information, which may involve the disclosure of personal privacy and business secrets. Therefore, computer network security is closely related to everyone's life. Paying attention to computer network security is the guarantee to maintain the overall security of computers.

2 Computer network security status analysis

Computer network security has the function of network connection, so compared with stand-alone security, computer network security is more risky. However, at present, computer network security has not been paid enough attention. Usually, it is paid more attention to in some large enterprises, state organs and commercial organizations, but it is not paid enough attention to the computer network security used by individuals. Sometimes there are unknown emails in the mailbox. At this time, curiosity drove some people to open the link, which led to computer poisoning. This system security includes the security of various websites in the network world. In addition, the current performance of network administrators in management is not satisfactory. Because they don't need professional knowledge, some may study management, some safety and some electronic information. In a word, there are few comprehensive talents, which leads them to find problems in time in the management process, and some find problems, but they don't know how to solve them. This kind of incomprehensible management has affected the development of informatization and also caused a waste of talents. Most network security accidents are caused by management problems, including the specific implementation of management system, the correct use of management methods and the role of managers in management. These defects make managers feel confused in actual management, lacking integrity and systematicness.

3 computer network security protection technology analysis

3. 1 firewall technology

Firewall is no stranger to most people who use computers, but few people know about firewall technology. Firewall refers to the combination of a series of components in the field of computer network or network security. Strong fire prevention is the most basic protection technology for computer network security. The setting of the firewall can be controlled by the user himself, and the firewall can be turned off and on. The firewall is the only channel for computer network information to enter the computer, and it can also guarantee the only permission for users inside the computer to access the network. Firewall has a high anti-attack ability. General computer viruses and Trojans cannot affect computers through firewalls. However, if the firewall is turned off in the process of using the computer, it will easily lead to the leakage of computer information security. Therefore, firewall technology is the basic technology of computer information security protection.

3.2 Access control technology

Computer networks not only promote information exchange and realize resource sharing, but also provide access channels for viruses, Trojans and hackers. Therefore, it is usually necessary to control access to protect the security of computer networks and reduce the resulting information leakage. In terms of access technology, on the one hand, access restrictions can be achieved through routers, on the other hand, access rights can be set for system files in computers, so as to improve the information security within the local area network and protect access to important system files, thus ensuring the information security of computer networks.

3.3 Encryption technology

On the one hand, computer network encryption technology can avoid the leakage of computer information, on the other hand, it can ensure the system security of the network. In the specific application process of computer network security encryption technology, the security of the system can be improved by adding keys. This encryption of the computer system avoids the disclosure of important information and makes the computer system more secure and reliable. Especially for computer users, some key node information in calculation can be guaranteed by encryption technology, so the security of data in transmission will also increase.

3.4 virus prevention technology

One of the main threats to computer network security is computer virus. Computer viruses can be intercepted and killed by computer users installing network software, and regular virus scanning can ensure computer network security. In this computer technology, the computer can be read, written and monitored through encryption programs, thus effectively preventing viruses from invading the computer.

3.5 Backup and mapping technology

Backup is an effective method to protect personal important data, and it is also a technical means to improve the security of computer networks. Regular backup can avoid computer system paralysis or loss of important data after charging. This is especially important for some enterprises and * * * organs; In addition to backup, mapping technology is also an important technology, which can ensure the normal use of the system when there is a problem with the computer.

3.6 Vulnerability scanning and repair technology

System vulnerabilities will appear regularly in the process of computer use, and there are certain security risks in system vulnerabilities. Therefore, in the process of using the computer, it is necessary to repair the system vulnerabilities in time, and this repair must be comprehensive and all-round. At the same time, after the completion of the system vulnerability repair, it is necessary to further test the system security to ensure the success of the system vulnerability repair. Some system software used at this stage has system vulnerability detection, and users need to solve the vulnerabilities in time during use.

4 conclusion

2 1 century is a highly information-based era, and a large number of information resources need to be shared through computer networks. However, some potential security risks in computer networks have become the main reasons for information leakage and property losses of enterprises. Therefore, strengthening the technical management of computer network security is an important work to ensure network security. In practical application, various computer network security protection technologies can be combined to further improve the security of computer networks.

refer to

[1] Xu. Computer Network Security and Data Integrity Technology [J]. Beijing: Electronic Industry Press, 20 10/0,3.

[2] Qiu Junping, Chen Jingquan, Yue Ya. Management and Countermeasures of Copyright of Network Information Resources [J]. China Soft Science, 20 12, 1.

Recommended: