Research and Implementation of a Hadoop-Based Network Security Management System
Published: 2019-01-02 18:52
[Abstract]: Continuous innovation in computer and communication technology has carried the network into every area of daily life, where it now plays an irreplaceable role in how people live and work. While computer communication makes work more convenient, it also brings serious security risks: loss and destruction of information, network attacks, virus intrusion and so on. After a series of painful lessons, people have become increasingly aware of the importance of network security, and network security management systems emerged in response. Such a system can effectively monitor the various security devices and working hosts within a local area network. However, traditional network security management systems can no longer meet the requirements of storing ever-growing volumes of security data and of running business processing over massive data sets.
Addressing these new requirements and following current development trends, this thesis proposes a new design for a network security management system based on Hadoop: 1. It uses the overall storage capacity of the Hadoop cluster, combined with the relational-database storage used by traditional network security management systems, to replace the original single data storage model, solving the problem that traditional systems cannot store large volumes of data and that their data is easily lost or left inconsistent. 2. It uses the parallel computing capability of the Hadoop cluster, combined with the business processing flow of traditional network security management systems, to solve the problem that a single server is too slow when processing massive data and degrades system performance.
The system consists of a device management module, an event handling module, a security assessment module and a data backup module. The device management module controls all devices in the local area network, including security devices, working hosts, trusted devices and unknown devices. The event module receives the information reported by all security devices and presents it to the administrator in an intuitive form. The security assessment module aggregates the security data from the whole network and, according to the corresponding rules, judges the current state of network security. Task scheduling in this module uses an improved version of the Hadoop cluster's fair scheduling algorithm, which responds promptly to requests from the first-level network security management system and is better suited to this system's actual conditions. The data backup module, together with the Hadoop cluster, forms a data storage center for the cascaded security management systems. Data is divided into system data and event data, and all of it is uploaded to this center, ensuring consistency and availability.
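[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree conferred]: 2014
[Classification number]: TP393.08; TP393.07
Article ID: 2398855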
Article link: http://sikaile.net/guanlilunwen/ydhl/2398855.html