基于大数据技术的计算机网络信息安全防护研究
Research on computer network information security protection based on big data technology
陈星宇1
作者信息
- 1. 江苏省扬州技师学院,江苏扬州 225000
- 折叠
摘要
[目的/意义]面向计算机网络信息安全的监测与防护工作,通常的入侵检测安全工具,会对TCP/IP通信协议栈的网络访问做出监测和过滤.但是,有些情况下,外网用户的入侵攻击会绕过Web应用防火墙进行一次认证系统.[方法/过程]在计算机网络安全管理中引入K-means聚类挖掘算法、零信任安全模型等大数据技术,对特定类型的用户入侵攻击数据包做出挖掘分析.[结果/结论]使用零信任安全模型"IP白名单/黑名单"进行用户访问的多次身份认证和授权管理,过滤掉不符合安全策略的网络流量,有助于提高计算机网络信息防护的安全等级.
Abstract
[Purpose/Significance]For the monitoring and protection of computer network information security,commonly used intrusion detection security tools monitor and filter network access to the TCP/IP communication protocol stack.However,in some cases,intrusion attacks from external users may bypass the authentication system of the web application firewall.[Method/Process]Introducing big data technologies such as K-means clustering mining algorithm and zero trust security model into computer network security management to mine and analyze specific types of user intrusion attack packets.[Result/Conclusion]Using the zero trust security model"IP whitelist/blacklist"for multiple identity authentication and authorization management of user access,filtering out network traffic that does not comply with security policies,can help improve the security level of computer network information protection.
关键词
大数据/计算机/信息安全/防护/防火墙Key words
big data/computers/information security/protection/firewall引用本文复制引用
出版年
2024
NETL
NSTL
万方数据