信息安全概论论文.doc

《信息安全概论论文.doc》由会员分享，可在线阅读，更多相关《信息安全概论论文.doc（17页珍藏版）》请在咨信网上搜索。

-------------各类专业好文档，值得你下载，教育，管理，论文，制度，方案手册，应有尽有-------------- 湖南科技大学 《信息安全概论》 课程考察报告 学 院： 潇湘学院 专 业： 网络工程 班 级： 001班 姓 名： 乔立夫 学 号： 1055020105 指导教师： 李 雄 成 绩： 评语： 2013年 6 月 30 日 附件1 外文资料翻译译文： 浅析网络安全的技术 过去两个世纪中，工业技术代表了一个国家的军事实力和经济实力。飞速发展的今天，对信息技术的掌握是在二十一世纪增强综合国力的关键。 随着计算机技术的发展，在计算机上处理业务已由基于单机的数学运算、文件处理，基于简单连结的内部网络的内部业务处理、办公自动化等发展到基于企业复杂的内部网、企业外部网?、全球互联网的企业级计算机处理系统和世界范围内的信息共享和业务处理。在信息处理能力提高的同时，系统的连结能力也在不断的提高。但在连结信息能力、流通能力提高的同时，基于网络连接的安全问题也日益突出。本文主要从以下几个方面进行探讨： 一、 网络在开放的同时存在的安全问题 Internet的开放性以及其他方面因素导致了网络环境下的计算机系统存在很多安全问题。为了解决这些安全问题，各种安全机制、策略和工具被研究和应用。然而，即使在使用了现有的安全工具和机制的情况下，网络的安全仍然存在很大隐患，这些安全隐患主要可以归结为以下几点： 1) 安全机制的局限 每一种安全机制都有一定的应用范围和应用环境。防火墙是一种有效的安全工具，它可以隐蔽内部网络结构，限制外部网络到内部网络的访问。但是对于内部网络之间的访问，防火墙往往是无能为力的。因此，对于内部网络到内部网络之间的入侵行为和内外勾结的入侵行为，防火墙是很难发觉和防范的。 2) 安全管理机制的建立 常用的安全管理机制有：口令管理;各种密钥的生成、分发与管理;全网统一的管理员身份鉴别与授权;建立全系统的安全评估体系;建立安全审计制度;建立系统及数据的备份制度;建立安全事件/安全报警反应机制和处理预案;建立专门的安全问题小组和快速响应体系的运作等。 为了增强系统的防灾救灾能力,还应制定灾难性事故的应急计划,如紧急行动方案,资源(硬件,软件,数据等)备份及操作计划,系统恢复和检测方法等。 3) 安全工具的影响 安全工具的使用效果受到人为因素的影响。一个安全工具能不能实现期望的效果，在很大程度上取决于使用者，包括系统管理者和普通用户，不正当的使用就会产生不安全因素。例如，NT在进行合理的设置后可以达到C2级的安全性，但很少有人能够对NT本身的安全策略进行合理的设置。虽然在这方面，可以通过静态扫描工具来检测系统是否进行了合理的设置，但是这些扫描工具基本上也只是基于一种缺省的系统安全策略进行比较，针对具体的应用环境和专门的应用需求就很难判断设置的正确性。 4) 系统在安全方面的问题 系统的后门是传统安全工具难于考虑到的地方。防火墙很难考虑到这类安全问题，多数情况下，这类入侵行为可以堂而皇之经过防火墙而很难被察觉；比如说，众所周知的ASP源码问题，这个问题在IIS服务器4.0以前一直存在，它是IIS服务的设计者留下的一个后门，任何人都可以使用浏览器从网络上方便地调出ASP程序的源码，从而可以收集系统信息，进而对系统进行攻击。对于这类入侵行为，防火墙是无法察觉的，因为对于防火墙来说，该入侵行为的访问过程和正常的Web访问是相似的，唯一区别是入侵访问在请求链接中多加了一个后缀。 5) 只要有程序，就可能存在BUG 只要有程序，就可能存在BUG。甚至连安全工具本身也可能存在安全的漏洞。几乎每天都有新的BUG被发现和公布出来，程序设计者在修改已知的BUG的同时又可能使它产生了新的BUG。系统的BUG经常被黑客利用，而且这种攻击通常不会产生日志，几乎无据可查。比如说现在很多程序都存在内存溢出的BUG，而安全工具对于利用这些BUG的攻击几乎无法防范。 6) 黑客攻击的力度 几乎每天都有不同系统安全问题出现。黑客的攻击手段在不断地更新，而安全工具的更新速度远远落后于攻击手段的更新速度，绝大多数情况需要人为的参与才能发现以前未知的安全问题，这就使得它们对新出现的安全问题总是反应太慢。当安全工具刚发现并努力更正某方面的安全问题时，其他的安全问题又出现了。因此，黑客总是可以使用先进的、安全工具无法发现的手段进行攻击。 二、 网络系统的漏洞，导致黑客在网上任意畅行 根据Warroon?Research的调查，1997年世界排名前一千的公司几乎都曾被黑客闯入。 据美国FBI统计，美国每年因网络安全造成的损失高达75亿美元。 Ernst和Young报告，由于信息安全被窃或滥用，几乎80%的大型企业遭受损失 在最近一次黑客大规模的攻击行动中，雅虎网站的网络停止运行3小时，令其损失了几百万美金的交易。而据统计在这整个行动中美国经济共损失了十多亿美金。由于业界人心惶惶，亚马逊(A)、AOL、雅虎(Yahoo!)、eBay的股价均告下挫，以科技股为主的那斯达克指数(Nasdaq)打破过去连续三天创下新高的升势，下挫了六十三点，杜琼斯工业平均指数周三收市时也跌了二百五十八点。看到这些令人震惊的事件，不禁让人们发出疑问：“网络还安全吗？” 据不完全统计，目前，我国网站所受到黑客的攻击，虽然还不能与美国的情况相提并论，但是我国的用户数目、用户规模已经达到了突飞猛进的阶段，以下事实也不能不让我们深思： 1993年底，中科院高能所就发现有“黑客”侵入现象，某用户的权限被升级为超级权限，当系统管理员跟踪时，被其报复。 1994年，美国一位14岁的小孩通过互联网闯入中科院网络中心和清华的主机，并向我方系统管理员提出警告。 1996年，高能所再次遭到“黑客”入侵，私自在高能所主机上建立了几十个帐户，经追踪发现是国内某拨号上网的用户。 同期，国内某ISP发现“黑客”侵入其主服务器并删改其帐号管理文件，造成数百人无法正常使用。 1997年，中科院网络中心的主页面被“黑客”用魔鬼图替换。 进入1998年，黑客入侵活动日益猖獗，国内各大网络几乎都不同程度地遭到黑客的攻击： 2月，广州视聆通被黑客多次入侵，造成4小时的系统失控； 4月，贵州信息港被黑客入侵，主页被一幅淫秽图片替换； 5月，大连ChinaNET节点被入侵，用户口令被盗； 6月，上海热线被侵入，多台服务器的管理员口令被盗，数百个用户和工作人员的账号和密码被窃取； 7月，江西169网被黑客攻击，造成该网3天内中断网络运行2次达30个小时，工程验收推迟20天；同期，上海某证券系统被黑客入侵； 8月，印尼事件激起中国黑客集体入侵印尼网点，造成印尼多个网站瘫痪，但与此同时，中国的部分站点遭到印尼黑客的报复；同期，西安某银行系统被黑客入侵后，提走80.6万元现金。 9月，扬州某银行被黑客攻击，利用虚存帐号提走26万元现金。 10月，福建省图书馆主页被黑客替换。 2007年6月18岁少年黑客攻击两千家网站，只为炫耀水平。 2008年5月陕西省地震局网站遭黑客短时攻击，并在网站首页恶意发布“网站出现重大安全漏洞”的虚假信息。 2008年9月北大网站遭黑客攻击，假冒校长抨击大学教育。 三、 网络安全体系的探讨 现阶段为保证网络正常工作常用的方法如下： 1) 网络病毒的防范 在网络环境下，病毒传播扩散快，仅用单机防病毒产品已经很难彻底清除网络病毒，必须有适合于局域网的全方位防病毒产品。校园网络是内部局域网，就需要一个基于服务器操作系统平台的防病毒软件和针对各种桌面操作系统的防病毒软件。如果与互联网相连，就需要网关的防病毒软件，加强上网计算机的安全。如果在网络内部使用电子邮件进行信息交换，还需要一套基于邮件服务器平台的邮件防病毒软件，识别出隐藏在电子邮件和附件中的病毒。所以最好使用全方位的防病毒产品，针对网络中所有可能的病毒攻击点设置对应的防病毒软件，通过全方位、多层次的防病毒系统的配置，通过定期或不定期的自动升级，使网络免受病毒的侵袭。 2) 运用防火墙 利用防火墙，在网络通讯时执行一种访问控制尺度，允许防火墙同意访问的人与数据进入自己的内部网络，同时将不允许的用户与数据拒之门外，最大限度地阻止网络中的黑客来访问自己的网络，防止他们随意更改、移动甚至删除网络上的重要信息。防火墙是一种行之有效且应用广泛的网络安全机制，防止Internet上的不安全因素蔓延到局域网内部，所以，防火墙是网络安全的重要一环。虽然防火墙是目前保护网络免遭黑客袭击的有效手段，但也有明显不足：无法防范通过防火墙以外的其它途径的攻击，不能防止来自内部变节者和不经心的用户们带来的威胁，也不能完全防止传送已感染病毒的软件或文件，以及无法防范数据驱动型的攻击。 3) 采用入侵检测系统 入侵检测技术是为保证计算机系统的安全而设计与配置的一种能够及时发现并报告系统中未授权或异常现象的技术，是一种用于检测计算机网络中违反安全策略行为的技术。在入侵检测系统中利用审计记录，入侵检测系统能够识别出任何不希望有的活动，从而达到限制这些活动，以保护系统的安全。在校园网络中采用入侵检测技术，最好采用混合入侵检测，在网络中同时采用基于网络和基于主机的入侵检测系统，则会构架成一套完整立体的主动防御体系。 4) Web、Email、BBS的安全监测系统 在网络的www服务器、Email服务器等中使用网络安全监测系统，实时跟踪、监视网络，截获Internet网上传输的内容，并将其还原成完整的www、Email、FTP、Telnet应用的内容，建立保存相应记录的数据库。及时发现在网络上传输的非法内容，及时向上级安全网管中心报告，采取措施。 5) 漏洞扫描系统 解决网络层安全问题，首先要清楚网络中存在哪些安全隐患、脆弱点。面对大型网络的复杂性和不断变化的情况，仅仅依靠网络管理员的技术和经验寻找安全漏洞、做出风险评估，显然是不现实的。解决的方案是，寻找一种能查找网络安全漏洞、评估并提出修改建议的网络安全扫描工具，利用优化系统配置和打补丁等各种方式最大可能地弥补最新的安全漏洞和消除安全隐患。在要求安全程度不高的情况下，可以利用各种黑客工具，对网络模拟攻击从而暴露出网络的漏洞。 6) IP盗用问题的解决，在路由器上捆绑IP和MAC地址 当某个IP通过路由器访问Internet时，路由器要检查发出这个IP广播包的工作站的MAC是否与路由器上的MAC地址表相符，如果相符就放行。否则不允许通过路由器，同时给发出这个IP广播包的工作站返回一个警告信息。 7) 利用网络监听维护子网系统安全 对于网络外部的入侵可以通过安装防火墙来解决，但是对于网络内部的侵袭则无能为力。在这种情况下，我们可以采用对各个子网做一个具有一定功能的审计文件，为管理人员分析自己的网络运作状态提供依据。设计一个子网专用的监听程序。该软件的主要功能为长期监听子网络内计算机间相互联系的情况，为系统中各个服务器的审计文件提供备份。 总之，网络安全是一个系统的工程，不能仅仅依靠防火墙等单个的系统，而需要仔细考虑系统的安全需求，并将各种安全技术，如密码技术等结合在?一起，才能生成一个高效、通用、安全的网络系统。我国信息网络安全技术的研究和产品开发仍处于起步阶段，仍有大量的工作需要我们去研究、开发和探索，以走出有中国特色的产学研联合发展之路，赶上或超过发达国家的水平，以此保证我国信息网络的安全，推动我国国民经济的高速发展。 参 考 文 献 [1]卢开澄：《计算机密码学—计算机网络中的数据预安全》（清华大学出版社2004.1） [2]余建斌：《黑客的攻击手段及用户对策》（北京人民邮电出版社2004.6） [3]蔡立军：《计算机网络安全技术》（中国水利水电出版社2005.9） [4]邓文渊、陈惠贞、陈俊荣：《ASP与网络数据库技术》（中国铁道出版社2007.4） [5]刘远生：《计算机网络安全》（清华大学出版社2006.8） [6]袁德明：《计算机网络安全》（电子工业出版社2007.6） 外文原文： Brief analysis network security technology In the past two centuries, industrial technology represents a country's military and economic strength. Today, the rapid development of information technology in the twenty-first century have enhanced overall national strength of the key. With the development of computer technology in the computer business has been based on a single mathematical computing, document processing, based on a simple link to the internal network of internal business processes, such as office automation to the development of enterprises based on the complexity of the intranet, extranet , The global Internet enterprise-class computer systems and dealing with the world of business and information-sharing deal. In the information processing capacity, the ability to link the system has been improved. But the link in the information capacity, the ability to improve circulation at the same time, Web-based connections are also becoming more prominent security issues. This article from the following areas to explore: First, in an open network at the same time there are security issues . Internet's openness as well as other factors led to the network environment, the computer system is riddled with security problems. In order to address these security issues, a variety of safety mechanisms, strategies and tools for research and application have been. However, even in the use of existing tools and mechanisms for security, network security is still a great danger that these potential safety problems can be attributed mainly to the following: a) the limitations of security Each security mechanism must have the scope of the application and application environment. Firewall is an effective security tool, which can be concealed within the structure of the network to limit external network access to internal networks. But the visit between the internal network, the firewall is often powerless. Therefore, the internal network to the internal network between the invasion and the invasion of collusion, it is very difficult to find a firewall and guard against. b) security management mechanism Common safety management mechanism: the management of passwords; a variety of key generation, distribution and management; reunification of the entire network administrator authentication and authorization; the establishment of a system-wide assessment of the security system; the establishment of the security audit system; the establishment of systems and data Backup system; the establishment of security incidents / security alarm and response mechanism to deal with plans; the establishment of specialized teams and the safety of the operation of the rapid response system, and so on. In order to strengthen the system for disaster prevention and response capability, but also to develop contingency plans for catastrophic accidents, such as an emergency action plan resources (hardware, software, data, etc.) to back up and operational plans, systems and the resumption of testing methods. c) the impact of security tools Security tools by the effects of man-made factors. A security tool to achieve the desired effect, to a large extent depends on the users, including system administrators and ordinary users, improper use will generate insecurity. For example, NT in a reasonable setting can be achieved after the C2 level of security, but very few people able to NT's own security policy for setting reasonable. In this regard, though, can still scanning tool to detect whether the system was set up reasonable, but the scan tool is basically just a system based on a default security policy comparison, for specific application environments and specialized applications It will be very difficult to judge the correctness of settings. d) system in the area of security problems The system is the back-traditional security tools difficult to take into account. Firewall is difficult to take into account the type of security issues, in most cases, these intrusions can legitimately through the firewall and difficult to detect; For example, the well-known ASP source issue in the IIS Server 4.0 has been previously exist, it is IIS services of a designer left the back door, no one can use the browser from the network to facilitate the transfer of the ASP program source code, which can collect information systems, which attack the system. For this type of invasion, the firewall can not be perceived as a firewall for example, the act of invasion and the normal course of the visit of the visit was similar to the Web, the only difference is that the invasion of the visit to link the request to add a suffix. e) As long as there are procedures that may exist on the BUG As long as there are procedures that may exist on the BUG. Even the security tools also possible security loopholes. Almost every day a new BUG was found and published, in the process to amend the designer known for BUG at the same time, it may have had a new BUG. BUG system, hackers often use, and this attack does not normally have a log, almost no data are available. For example, many programs the existence of the memory overflow BUG, and safe use of these tools for BUG's almost impossible to guard against attacks. f) hacking efforts Almost every day, a different system security problems. Means hackers are constantly updated, and security tools to update the rate lagged far behind the attacks means the update rate, the vast majority of cases people need to be able to participate in the discovery of previously unknown security issues, making their impact on emerging security The question is always too slow in responding. When the security tools to detect and correct just a safety issue, other security issues have emerged. As a result, hackers can always use advanced security tools can not find the means to carry out attacks. Second, the network's vulnerability has led to arbitrary hackers on the Internet Hang According to the Warroon? Research survey, inl 1997 the world's top 1000 companies have been almost hackers broke into. According to FBI statistics of the United States, the United States each year as a result of network security caused by the loss of up to 7,500,000,000 U.S. dollars. Ernst and Young report, due to theft or misuse of informationl security, almost 80% of large enterprises suffered losses In a recentl large-scale hacker attacks, the Yahoo Web site to stop running 3 hours, so the loss of millions of dollars of transactions. According to statistics, and in this whole operation, the U.S. economy has lost a total of over one billion U.S. dollars. As the panic of the industry, Amazon (A), AOL, Yahoo (Yahoo!), EBay shares were down, technology-dominated Nasdaq stock index (Nasdaq) over the past three consecutive days to break the record The rally, a 63-point drop, the Dow Jones Industrial Average closed Wednesday, also fell 258 points. To see these shocking events, so that people can not help but issued a doubt: "Network security has?" According to incomplete statistics, at present, our web site by the hackers, although not on a par with the United States, China, but the number of customers, the size of users has reached the stage of rapid progress, the fact that we can not let food for thought: By the end of 1993, the High Energy Institute, Chinese Academy of Sciences have found a "hacker" intrusion, a user's permission has been upgraded to a super-powers, when the system administrator to track, was his revenge. In 1994, the United States, a 14-year-old children via the Internet into Chinese Academy of Sciences Network Center of Tsinghua University and host to our system administrator warned. In 1996, the High Energy Institute has once again been a "hacker" invasion, in the private High Energy Institute hosts dozens of accounts set up, the track is found in a dial-up users. Over the same period, domestic ISP found a "hacker" invasion of its main server and delete the account of its document management, resulting in hundreds of people can not use. In 1997, the Chinese Academy of Sciences Network Center of the page was a "hacker" with plans to replace the devil. To enter in 1998, the hacking activity is on the increase, almost all major networks have met with varying degrees of hacker attacks: In February, Guangzhou Shi Lingtong invasion by hackers several times, resulting in 4 hours the system out of control; In April, Guizhou port hacking, home to be replaced by an obscene picture; May, Dalian ChinaNET node invasion, user passwords stolen; In June, the Shanghai hotline has been invaded, the server administrator password was stolen, hundreds of customers and staff of the stolen account number and password; July, Jiangxi was 169 network hacker attacks, resulting in the net within 3 days to run 2nd network interrupted for 30 hours, project acceptance to postpone for 20 days; the same period, the Shanghai Securities of a system to hacking; August, Indonesian Chinese hackers collective events among Indonesia's invasion outlets, resulting in a number of sites Indonesia paralyzed, but at the same time, China was Indonesia's part of the site hacker retaliation; the same period, Xi'an, a banking system to hacking, go to 806,000 yuan in cash. September, Yangzhou was a bank hacker attacks, the use of virtual-to-deposit accounts to take 260,000 yuan in cash. In October, the Fujian Provincial Library home page was replaced by hackers. June 2007 18-year-old juvenile hacking Web site 2000, only to show off the level. May 2008 Web site in Shaanxi Province have been short-time hacker attacks and malicious Web page publicat