摘要
为了加深对信息安全事件的深刻认识及有效地进行培训教育,提出信息安全现场展示的构想,分别从物理安全、逻辑安全两方面进行信息安全隐患事件展示。物理安全展示包括电磁泄漏、载体安全、非法侦听信息设备等,逻辑安全展示包括网页挂马、DNS欺骗、网络钓鱼等网络攻击事件及信息设备本身安全事件等。具体采用虚拟机技术,在应用服务器上各自搭建每一个安全隐患事件平台,充分利用第三方应用软件,以降低现场展示系统的研发成本,通过选用合适的便携式软硬件产品,以适合现场展示的需要。该研究结果能提高人们对信息安全攻击事件的认识,以达到提高忧患意识、责任意识和保密意识的目的。
The idea of information security live show is puts forward to deepen the understanding of information security in- cident and attain the effective education training goal. The information security vulnerability is exhibited in two aspects of physi- cal security and logical security respectively. The former includes electromagnetic leakage, information media safety, illegal mon- itoring information devices, etc. The latter includes website malicious code, DNS deceit, phishing attack, information device it- self vulnerability, etc. The virtual machine technology is used to construct a potential security hazard platform on the application server. It makes full use of the third-party software to reduce the development cost of the exhibition system. The appropriate portable software and hardware products are chosen to fit the needs of the scene exhibition. It hopes that the research results can improve people's understanding of the information security vulnerability attacks to realize the purposes of suffering consciousness, responsibility consciousness and confidentiality consciousness.
出处
《现代电子技术》
北大核心
2017年第8期11-13,18,共4页
Modern Electronics Technique
基金
国家"863"计划资助项目(2015AA017202)
关键词
信息安全隐患
展示系统
网络攻击
恶意代码
系统设计
information security vulnerability
display system
network attack
malicious code
system design
