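Abstract
Based on cloud-based malware scanning technology, this paper designs and implements a lightweight mechanism for protecting information on a local area network (LAN). The mechanism centers on protecting the routers within the LAN: it intercepts packets that attempt to illegally modify a router's configuration and pops up a corresponding notification. One host in the network serves as the cloud detection end and maintains a database of relevant configuration information (for example a DNS database holding blacklists and whitelists of the corresponding entries). It periodically scans the terminals in the network, checks each terminal's configuration, compares it with the data in the configuration database, and, according to the rules, reconfigures the terminal where necessary or warns the terminal user and the administrator. The mechanism borrows the idea of cloud-based scanning and transplants it from the public Internet to the LAN, making up for the lack of application-layer analysis in typical network intrusion detection mechanisms. Home router users today generally lack security awareness and do not know how to protect a home network; the mechanism described here does not require users to have any information security knowledge, is very friendly to ordinary users, and has broad application prospects in home LANs.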
This paper designs and implements a cloud-based, lightweight information security protection mechanism for local area networks (LANs). The mechanism mainly protects the routers inside a LAN by capturing illegal packets that try to modify router configurations and warning the users. One computer acts as the detector in the cloud: it maintains a database of configurations, such as blacklists and whitelists of DNS servers, periodically scans every terminal in the network, looks up their configurations, compares them with the data in the database, and, according to the rules, resets them if necessary or warns the administrator. The mechanism borrows the idea of cloud security from the Internet and applies it to intranets, making up for the lack of application-layer analysis in ordinary intrusion detection systems. It is very friendly to ordinary users, who do not need much information security knowledge, which gives it broad application prospects in home LANs.
Source
《信息网络安全》
2015, Issue 1, pp. 56-60 (5 pages)
Netinfo Security
Funding
National International Science and Technology Cooperation Program [2013DFM10100]