期刊文献+
共找到3,847篇文章
< 1 2 193 >
每页显示 20 50 100
Data Analysis of Network Parameters for Secure Implementations of SDN-Based Firewall
1
作者 Rizwan Iqbal Rashid Hussain +2 位作者 Sheeraz Arif Nadia Mustaqim Ansari Tayyab Ahmed Shaikh 《Computers, Materials & Continua》 SCIE EI 2023年第11期1575-1598,共24页
Software-Defined Networking(SDN)is a new network technology that uses programming to complement the data plane with a control plane.To enable safe connection,however,numerous security challenges must be addressed.Floo... Software-Defined Networking(SDN)is a new network technology that uses programming to complement the data plane with a control plane.To enable safe connection,however,numerous security challenges must be addressed.Flooding attacks have been one of the most prominent risks on the internet for decades,and they are now becoming challenging difficulties in SDN networks.To solve these challenges,we proposed a unique firewall application built on multiple levels of packet filtering to provide a flooding attack prevention system and a layer-based packet detection system.This study offers a systematic strategy for wrapping up the examination of SDN operations.The Mininet simulator examines the effectiveness of SDN-based firewalls at various network tiers.The fundamental network characteristics that specify how SDN should operate.The three main analytical measures of the network are jitter,response time,and throughput.During regular operations,their behavior evaluates in the standard SDN conditions of Transmission Control Protocol(TCP)flooding and User Datagram Protocol(UDP)flooding with no SDN occurrences.Low Orbit Ion Cannon(LOIC)is applied to launch attacks on the transmission by the allocated server.Wireshark and MATLAB are used for the behavioral study to determine how sensitive the parameters are used in the SDN network and monitor the fluctuations of those parameters for different simulated scenarios. 展开更多
关键词 Software defined networking firewall POX controller open v switch Mininet OpenFlow
下载PDF
Optimal configuration of firewall, IDS and vulnerability scan by game theory 被引量:7
2
作者 赵柳榕 梅姝娥 仲伟俊 《Journal of Southeast University(English Edition)》 EI CAS 2011年第2期144-147,共4页
The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash... The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash equilibrium for two portfolios of only deploying IDS and vulnerability scan and deploying all the technologies is investigated by backward induction. The results show that when the detection rates of IDS and vulnerability scan are low, the firm will not only inspect every user who raises an alarm, but also a fraction of users that do not raise an alarm; when the detection rates of IDS and vulnerability scan are sufficiently high, the firm will not inspect any user who does not raise an alarm, but only inspect a fraction of users that raise an alarm. Adding firewall into the information system impacts on the benefits of firms and hackers, but does not change the optimal strategies of hackers, and the optimal investigation strategies of IDS are only changed in certain cases. Moreover, the interactions between IDS & vulnerability scan and firewall & IDS are discussed in detail. 展开更多
关键词 economics of information systems firewall intrusion detection system (IDS) vulnerability scan securityportfolio strategy
下载PDF
一种适用于Diverse Firewall Design的规则集比较算法 被引量:2
3
作者 李林 卢显良 +3 位作者 李泽平 聂晓文 彭永祥 李梁 《四川大学学报(工程科学版)》 EI CAS CSCD 北大核心 2009年第5期160-164,共5页
随着防火墙规则数目的增多,Diverse Firewall Design设计方法越来越受到重视。在应用该方法进行规则集设计时,多个开发团队会独立地编写若干规则集。由于规则集配置的复杂性,这些规则集有可能不一致。因此,需要使用规则集比较算法,判断... 随着防火墙规则数目的增多,Diverse Firewall Design设计方法越来越受到重视。在应用该方法进行规则集设计时,多个开发团队会独立地编写若干规则集。由于规则集配置的复杂性,这些规则集有可能不一致。因此,需要使用规则集比较算法,判断这些规则集是否等价,以达到检测出错误配置的目的。然而现有规则集比较算法,实现复杂且效率较低。针对这一问题,提出了一种基于规则交集运算的规则集比较算法。该算法首先使用规则冲突消除算法对规则集进行预处理,将规则集比较问题,转换成多维空间中的图形比较问题;然后利用规则交集运算,判断图形所占区域和颜色是否一致,进而确定规则集是否等价。理论分析和测试表明,算法能检测出规则集之间的不同点,且时空效率优于现有算法。 展开更多
关键词 规则集 规则集比较 图形比较 防火墙 规则集正确性
下载PDF
基于校园网的FireWall的构架与实现 被引量:5
4
作者 张国祥 《湖北师范学院学报(自然科学版)》 2000年第3期20-24,共5页
论述了 Fire Wall的工作原理及在校园网中的架构 ,并利用共享软件 Linux实现了 Fire Wall在校园网中的架构 ;该 Fire Wall最大的优点是经济、实用、安全性高。
关键词 校园网 firewall LINUX 安全性
下载PDF
基于Full Proxy的NAT/Firewall的穿越 被引量:1
5
作者 章仁龙 罗宁 《计算机应用与软件》 CSCD 北大核心 2006年第7期101-103,123,共4页
VoIP语音视频流对NAT/F irewall的穿越已经成为语音数据业务开展过程中最大的障碍。Fu ll Proxy提供了一种NAT/F irewall穿越的有效途径,具有很强的适应性和透明性。深入讨论了Fu ll Proxy的实现原理和基于Fu ll Proxy的整个呼叫流程,... VoIP语音视频流对NAT/F irewall的穿越已经成为语音数据业务开展过程中最大的障碍。Fu ll Proxy提供了一种NAT/F irewall穿越的有效途径,具有很强的适应性和透明性。深入讨论了Fu ll Proxy的实现原理和基于Fu ll Proxy的整个呼叫流程,最后在一个嵌入式双CPU系统的基础上实现了一个Fu ll Proxy。 展开更多
关键词 Full PROXY 嵌入式 NAT 防火墙 SIP
下载PDF
浅谈Firewall技术
6
作者 雷超阳 刘军华 《长沙通信职业技术学院学报》 2002年第2期48-50,共3页
Firewall是一种非常有效的网络安全模型。系统分析了Firewall技术中的主要技术数据包过滤和代理服务技术,同时对Firewall的基本类型进行了比较,从而为企业选择一种访问控制策略提供一定的理论依据。
关键词 firewall技术 网络安全 防火墙 计算机网络
下载PDF
基于ACE和SSL的Firewall与IDS联动系统研究
7
作者 马占飞 尹传卓 《计算机工程与科学》 CSCD 北大核心 2014年第8期1486-1492,共7页
随着Internet的迅猛发展,网络攻击的方法和技术越来越智能化和多样化,网络安全需求与日俱增。传统的防火墙(Firewall)与入侵检测系统IDS已不能满足网络安全整体化需求。鉴于此,引入ACE网络通信中间件和SSL协议,采用开放接口方式,从网络... 随着Internet的迅猛发展,网络攻击的方法和技术越来越智能化和多样化,网络安全需求与日俱增。传统的防火墙(Firewall)与入侵检测系统IDS已不能满足网络安全整体化需求。鉴于此,引入ACE网络通信中间件和SSL协议,采用开放接口方式,从网络安全整体性与动态性的需求考虑,设计了一种新型的基于ACE和SSL通信平台的Firewall和IDS协同联动系统模型。该系统模型融合了Firewall和IDS的优点,采用加密信息传输机制、策略管理机制和联动分析算法,确保了传输信息的可靠性、完整性和机密性。实验结果表明,该联动系统不但能够有效地检测和防御攻击,而且具有良好的协作性、通用性和可扩展性。 展开更多
关键词 网络安全 入侵检测系统 防火墙 联动 中间件
下载PDF
用IPTABLES构建LINUX FIREWALL在校园网中的应用
8
作者 孙元军 《计算机时代》 2006年第11期32-34,共3页
在校园网迅速发展的现在,服务器的安全问题成了网络管理员最为关心的问题。为了提高服务器的安全性,文章提出利用基于LINUX的IPTABLES构建防火墙,然后结合学校实际情况对外提供各种服务,例如:Web、FTP、MAIL等等;并给出了一套关于Web服... 在校园网迅速发展的现在,服务器的安全问题成了网络管理员最为关心的问题。为了提高服务器的安全性,文章提出利用基于LINUX的IPTABLES构建防火墙,然后结合学校实际情况对外提供各种服务,例如:Web、FTP、MAIL等等;并给出了一套关于Web服务的访问进出规则。 展开更多
关键词 LINUX firewall IPTABLES 校园网
下载PDF
Etrust Firewall在校园网络安全中的应用
9
作者 潘瑜 《常州工学院学报》 2003年第2期63-67,共5页
防火墙是一个或一组系统 ,它能够过滤进入和离开校园计算机网络的数据 ,EtrustFire wall能够根据各种给定的条件来保护网络 ,这些给定的条件既可以是指定的应用程序和指定的网络服务 ,也可以是指定的源地址和目标地址等。它通常以单个... 防火墙是一个或一组系统 ,它能够过滤进入和离开校园计算机网络的数据 ,EtrustFire wall能够根据各种给定的条件来保护网络 ,这些给定的条件既可以是指定的应用程序和指定的网络服务 ,也可以是指定的源地址和目标地址等。它通常以单个规则为基础 ,为校园计算机网络提供一致的安全保护。利用EtrustFirewall可以快速和容易地保护校园计算机网络 。 展开更多
关键词 Etrustfirewall 校园网 网络安全 防火墙 访问控制 数据包过滤 代理服务器 状态包过滤 停火区技术 JavaGUI 组件安装
下载PDF
An Algorithm for Optimal Firewall Placement in IEC61850 Substations 被引量:3
10
作者 Hermes Eslava Luis Alejandro Rojas Danny Pineda 《Journal of Power and Energy Engineering》 2015年第4期16-22,共7页
Recently, most electric power substations have adopted production control systems, such as SCADA systems, which communicate with field devices and remotely control processes from a computer screen. However, these syst... Recently, most electric power substations have adopted production control systems, such as SCADA systems, which communicate with field devices and remotely control processes from a computer screen. However, these systems together with protection measures and additional control actions (using protocol IEC61850) seem not to be enough to free substations of security attacks (e.g. virus, intruders, forgery or unauthorized data manipulation). This paper analyzes the main features of an electric power substation together with the aspects that might be significantly affected by cyber-attacks. The paper also presents the implementation of a specific security system (i.e. firewall-wise system) intended to protect a target distribution network. 展开更多
关键词 firewall SECURITY SUBSTATIONS ELECTRIC Power IEC61850
下载PDF
Modeling and Global Conflict Analysis of Firewall Policy 被引量:2
11
作者 LIANG Xiaoyan XIA Chunhe +2 位作者 JIAO Jian HU Junshun LI Xiaojian 《China Communications》 SCIE CSCD 2014年第5期124-135,共12页
The global view of firewall policy conflict is important for administrators to optimize the policy.It has been lack of appropriate firewall policy global conflict analysis,existing methods focus on local conflict dete... The global view of firewall policy conflict is important for administrators to optimize the policy.It has been lack of appropriate firewall policy global conflict analysis,existing methods focus on local conflict detection.We research the global conflict detection algorithm in this paper.We presented a semantic model that captures more complete classifications of the policy using knowledge concept in rough set.Based on this model,we presented the global conflict formal model,and represent it with OBDD(Ordered Binary Decision Diagram).Then we developed GFPCDA(Global Firewall Policy Conflict Detection Algorithm) algorithm to detect global conflict.In experiment,we evaluated the usability of our semantic model by eliminating the false positives and false negatives caused by incomplete policy semantic model,of a classical algorithm.We compared this algorithm with GFPCDA algorithm.The results show that GFPCDA detects conflicts more precisely and independently,and has better performance. 展开更多
关键词 firewall policy semantic model conflict analysis conflict detection
下载PDF
The Security Technology of E-commence——Intelligent Packet-filtering Firewalls
12
作者 WU Jin-lin 1, WU Qing-fen 2 (1. Computer Science Department, Xiamen University, Xiamen 361005, Chi na 2. Computer Science Department, Harbin University of Science and Technology, H arbin 150080, China) 《厦门大学学报(自然科学版)》 CAS CSCD 北大核心 2002年第S1期277-,共1页
Research has revealed that, in the next ten to twen ty years, the implementation of E-commence will become a new basis of economic in crease of China and other countries in the world. And the essence of implementin g ... Research has revealed that, in the next ten to twen ty years, the implementation of E-commence will become a new basis of economic in crease of China and other countries in the world. And the essence of implementin g E-commerce is the credit standing among the banks, the sellers and the custom ers. But the credit standing in the net ultimately depends on the security of th e network. Firewall is a useful network security technology to keep a network fr om being intruded. The rational use of firewalls can strengthen the security of the E-commence system. Traditional package-filtering firewalls usually rej ect the illegal accesses and admit the legal accesses according to filtering pol icy established by the administrator in advance. But the measures of attacking n etworks are increasing, so ACL (access control list) that is established in adva nce can hardly meet the needs of the rapid development of the network. And the r eal-time quality and sensitivity of traditional firewalls are not satisfied. No w a new model of implementing the expert system to the management of network sec urity is brought forward. The focus of the intelligent packet-filtering firewal l lies on the expert system. The tight combination of expert system and the filt ering method can realize the efficient detection and control of the packages tha t flow through the firewall system. By using the intelligent firewall, the secur ity of the E-commence can be strengthened indeed. 展开更多
关键词 firewall ES E-COMMERCE ACL
下载PDF
Performance Comparison and Simulink Model of Firewall Free BSD and Linux
13
作者 Fontaine Rafamantanantsoa Haja Louis Rabetafika 《Communications and Network》 2018年第4期180-195,共16页
In recent years, the number of users connected to the Internet has experienced a phenomenal growth. The security of systems and networks become essential. That is why the performance of Linux firewall and Berkeley Sof... In recent years, the number of users connected to the Internet has experienced a phenomenal growth. The security of systems and networks become essential. That is why the performance of Linux firewall and Berkeley Software Distribution (BSD) are of paramount importance in security systems and networks in all businesses. The following evaluates the firewall based tool that we have developed in Python and Scapy, which performs time measurements by serving packets traversing the firewall test. Several results were presented: the speed of the firewall under FreeBSD in terms of service time compared to the speed of the firewall under Linux as the number of rules increases;the speed of the filtering rule of a firewall stateless in terms of service time compared to the filtering rule of an active firewall gradually as the number of rules increases. Then, for care of simplicity, we have presented the queue M/M/1/K to model the performances of firewalls. The resulting model was validated using Simulink and mean squared error. The analytical model and Simulink of the firewalls are presented in the article. 展开更多
关键词 firewall Ipfw IPTABLES PYTHON Scapy SIMULINK Statefull firewall Stateless firewall
下载PDF
配置FirewallD防火墙 被引量:2
14
作者 王震华 朱丽璇 《网络安全和信息化》 2020年第2期124-128,共5页
FirewallD防火墙可以说取代了iptables防火墙,支持动态更新技术并加入了区域(Zone)的概念,本文对FirewallD防火墙服务组件的功能和日常使用进行了整理。
关键词 防火墙 firewall 服务组件 动态更新
下载PDF
Distributed Broker-Agent Architecture for Multimedia Communications Traversing NAT/Firewall in NGN
15
作者 苟先太 金炜东 《Journal of Southwest Jiaotong University(English Edition)》 2004年第2期123-129,共7页
The forthcoming Next Generation Network (NGN) is an all IP network. Multimedia communications over IP networks are a type of bundled session communications, which cannot directly traverse Network Address Translations ... The forthcoming Next Generation Network (NGN) is an all IP network. Multimedia communications over IP networks are a type of bundled session communications, which cannot directly traverse Network Address Translations (NATs) and firewalls even in NGN. To solve the problem that the existing traversal methods are not suitable for service providers to set up a real system in NGN, a Distributed Broker-agent Architecture (DBA) is addressed. DBA is secure and realizable for service providers and enterprises because it is easy to set up and does not need to upgrade the existing devices like Firewalls, NATs or endpoint devices of subscribers. DBA is composed of two-layer distributed agents, the server proxies and the client agents, in which all multimedia communications use shared tunnels to carry signaling messages and media data between broker-agents, and the call signaling is encrypted over Security Socket Layer (SSL) to guarantee the security of calling. Moreover, the function model and multiplexed connection messages format of DBA are designed, which lays a basis for the protocol in the future NGN. In addition, a simple implementation based on H.323 verifyies the main function of traversing firewalls and NATs. 展开更多
关键词 Broker-agent Next Generation Network Multimedia communication Traversing NAT/firewall
下载PDF
Proactive Security Mechanism and Design for Firewall
16
作者 Saleem-Ullah Lar Xiaofeng Liao +1 位作者 Aqeel ur Rehman MA Qinglu 《Journal of Information Security》 2011年第3期122-130,共9页
In this paper we have present the architecture and module for internet firewall. The central component is fuzzy controller while properties of packets are fuzzified as inputs. On the basis of proposed fuzzy security a... In this paper we have present the architecture and module for internet firewall. The central component is fuzzy controller while properties of packets are fuzzified as inputs. On the basis of proposed fuzzy security algorithm, we have figured out security level of each packet and adjust according to packets dynamic states. Internet firewall can respond to these dynamics and take respective actions accordingly. Therefore, proactive firewall solves the conflict between speed and security by providing high performance and high security. Simulation shows that if the response value is in between 0.7 and 1 it belongs to high security. 展开更多
关键词 firewall SECURITY SECURITY EVALUATION NETWORK SECURITY
下载PDF
RHEL7中防火墙Firewalld典型应用与配置 被引量:1
17
作者 王煜林 《电脑与电信》 2014年第9期48-49,共2页
本文研究了RHEL7中防火墙的变化,以前RHEL6用的是iptables、ip6tables与ebtables,现在在RHEL7中使用的是基于zone的firewalld防火墙。对于初学者来说,甚难理解,本文通过两个典型应用,重点讲解了firewalld的原理与应用。
关键词 防火墙 firewalld ZONE
下载PDF
Centos7防火墙firewalld探究与使用 被引量:1
18
作者 蒋光远 《信息与电脑》 2019年第3期161-162,共2页
Centos7使用的防火墙firewalld与之前版本的防火墙iptables相比有很大变化。因此,对Centos7中防火墙firewalld的原理、配置实例做出了详细阐述。Centos是Linux发行版之一,Centos7是目前红帽再编译版本的最高版本。随着Centos系统的发展... Centos7使用的防火墙firewalld与之前版本的防火墙iptables相比有很大变化。因此,对Centos7中防火墙firewalld的原理、配置实例做出了详细阐述。Centos是Linux发行版之一,Centos7是目前红帽再编译版本的最高版本。随着Centos系统的发展,其版本已经更新到7,而教材中的Centos系统多是7以下的版本。 展开更多
关键词 firewalld 防火墙 原理 实例
下载PDF
Tiny Personal Firewall 5.00.1200
19
《软件》 2003年第9期10-10,共1页
关键词 TINY PERSONAL firewall 5.00.1200 防火墙软件 网络安全 计算机网络
下载PDF
Sygate personal firewall
20
《软件》 2003年第12期8-8,共1页
Sygate personal firewall是一个简单易用的个人防火墙,适合于那些网络中的单机用户来防止入侵者非法进入系统。作为一个基于主机的解决方案。该软件提供了多层保护的防火墙安全环境,可以有效地防止入侵者和黑客的侵袭。
关键词 个人防火墙 网络安全 入侵检测系统 计算机网络 SYGATE PERSONAL firewall
下载PDF
上一页 1 2 193 下一页 到第
使用帮助 返回顶部