摘要
作为数字化校园建设的重要组成部分,校园一卡通系统是实现校园信息化的基础工程,是学校实现管理提升的重要工具。但是,在多数高等院校,由于办学规模、建设资金等方面的限制,加之缺乏统一管理,造成各个部门独立发卡,独立结算,一人多卡,给教工、学生带来极大不便,同时导致工作效率低下,资源浪费严重。高校校园网的建成,卡片应用技术的逐渐成熟,银校合作力度的逐步加大,为校园一卡通系统的发展创造了成熟条件。
本文以枣庄学院一卡通系统的网络安全为研究对象,结合网络的实际情况,对一卡通系统及其网络安全进行了全面的分析。详细介绍了一卡通系统的框架结构,然后依据框架的结构依次介绍了组成该框架的各个模块,重点分析了该系统在实际应用中面临的网络安全问题。由于数据挖掘技术具有可以处理大规模的数据量,而且不需要用户提供主观的评价信息,善于发现容易被主观忽视和隐藏信息的优点。另一方面,入侵检测技术是一种动态的安全防护手段,具有能主动寻找入侵信号,给网络系统提供对外部攻击、内部攻击和误操作的安全保护的优点。因此,本文集成数据挖掘和入侵检测技术,针对一卡通网络中应用服务器遭受黑客攻击的问题,采取“在线离线结合,误用异常互助,分类聚类兼顾”的思想,提出了一种基于主机的入侵检测系统的设计方案。
As an important part of digital urban construction, campus smart card applying system is an essential and important tool to improve management efficiency. But in most universities, they independently give out the card and deal with accounts dependently, for the limitation of the scale of running a school, the lack of construction funds, and the lack of unified administration. It makes faculties and students inconvenient, which leads to low working efficiency and serious resource waste.
This paper takes the network security of campus card in Zao Zhuang University as the researching object. According to the actual condition of network, this paper firstly gives a brief introduction about the campus card system and the network security. Then it introduces the framework of the campus card system and ordinally describes each module that composes the frame. After that it analyses the problems of network security in actual use. Data mining technology can process multi-datas without objective appraisal information from users and can detect the information that are usually ignored and concealed. On the other hand, intrusion detection technology is a dynamic safeguard system. It can actively detect the intruding signals, protect the network system from inter and outer assaults and mis-handling. Aiming at the problem of hacker attack on the server in campus card network, this essay conbines data mining technology and intrusing detection technology together, adopts the thinking that combines online classified misusing detection with offline clustering abnormal detection, and puts forward a devising project of intrusing detection technology based on the host computer.
引文
[1]胡道元,阂京华.网络安全[M].清华大学出版社,2004
[2]刘水.防火墙与入侵检测系统在校园网中结合应用的初探[D].南京理工大学,2003
[3]Mike Fiskyx,George Varghesey.Fast Content-Based Packet Handling for Intrusion Detection[C].UCSD Technical Report CS2001-0670,2001
[4]William Stallings.Network Security Essentials:Applications and Standards.Prentice-Hill[M],2000
[5](美)William Siallings.网络安全要素一应用与标准[M].北京:人民邮电出版社,2000
[6]Hofmeyr S A,Forrest S,Somayaji A.Intrusion detection using sequences of system calls[J].Journal of Computer Security,1998,6:151-180
[7]Jake Strum.Data Warehousing Technical Reference[M].机械工业出版社
[8]Michael Mullins.Implementing a Network Intrusion Detection System[M],2002
[9]Eric Maiwald,Network Secrity[M].McGraw-Hill,2001
[10]S.Forrest,S.A.Hofmeyr,A.Somayaji,and T.A.Longstaf.A sense of self for Unix processes[A].In:Proceedings of the 1996 IEEE Symposium on Security and Privacy,Los Alamitos,CA,IEEE Computer Society Press,1996,120-128
[11]U.Fayyad,G.Piatetsky-Shapiro,and P.Smyth.The KDD process of extracting useful knowledge from volumes of data[J].Communications of the ACM,1996,39(11):27-34
[12]U.Fayyad,D.Haussler,and P.Stolorz.Mining scientific data[J].Communications of the ACM,1996,39(11):51-57
[13]Wenke Lee.Developing Data Mining Techniques for Intrusion Detection:A Progress Report.Computer Science Department[J],North Carolina State University
[14]Wenke Lee,Sal Stolfo.Data mining approaches for intrusion detection[C].In Proceedings of the Seventh USENIX Security Symposium (SECURITY'98).San Antonio,TX,1998
[15]Wenke Lee,A data mining framework for constructing features and models for intrusion detection systems,PhD Thesie.Columbia University,2000
[16]Wenke Lee,S.J.Stolfo,andKW.Mok.Mining in a data-flow environment:Experience in network intrusion detection[A].In:Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery&Data Mining (KDD-99)[C],1999
[17]Forrest S,Hofmeyr S A.Immunology as information processing[A].In:Design Principles for the Immune System and Other Distributed Autonomous Systems[C].Segel L A,Cohen I eds,Santa Fe Institute Studies in the Sciences of Complexity.New York:Oxford University Press,2000
[18]白洁英.基于数据挖掘的入侵检测系统的设计与实现[D].中国科学院沈阳计算技术研究所,2002
[19]陈建国.使用数据挖掘技术的入侵检测模型构建[D].上海交通大学,2003
[20]陈远春.信息安全检测鉴别监控技术与系统安全性能评估分析标准实用手册[M].北京:人民出版社,2002
[21]戴青云.数据挖掘在网络入侵检测中的应用[D].东南大学,2002
[22]韩东海,王超,李群系编著.入侵检测系统实例剖析[M].北京:清华大学出版社,2002
[23]何险峰.基于数据挖掘技术和智能体技术的入侵检测系统[D].电子科技大学,2003
[24]Christina Warrender,Stephanie Forrest,Barak Pearlmutter.Detecting intrusions using system calls:Alternative data models[A].In:Proc of IEEE Symp on Security and Privacy,Oakland,California.1999,133-14
[25]Jiawei Han.数据挖掘:概念与技术[M].范明等译,北京:机械工业出版社,2001
[26]Jiawei Han,Micheline Kamber.数据挖掘概念与技术[M].机械工业出版社,2001
[27]刘应玲.基于数据挖掘的入侵检测系统的研究[D].合肥工业大学,2003.6
[28]Christopher M.King,Curtis E.Dalton & T.Ertem Osmanoglu.Security Architecture[M].McGraw-Hill,2001
[29]刘卫国.基于数据挖掘的入侵检测系统研究[D].西安交通大学,2002
[30]鹿虹丽.数据挖掘技术在入侵检测系统模型构造中的应用研究[D].北方交通大学,2001
[31]罗皓.属性抽取在基于数据挖掘的入侵检测系统中的应用[D].西安交通大学,2003
[32]毛宇.数据挖掘技术在入侵检测中应用方法的研究与实现[[D].东北大学,2001
[33]Paul E.Proctor著,邓琦皓等译.入侵检测实用手册[M].中国电力出版社,2002
[34]潘俊杰。数据挖掘技术在入侵检测中的应用[D].北京理工大学,2003
[35]Rebecca Gurley Bace著,陈明奇等译.入侵检测[M].人民邮电出版社,2001
[36]施伟.基于数据挖掘的入侵检测研究[D].北京理工大学,2003
[37]谭旭阳.数据挖掘技术在网络入侵检测中的应用研究[D].西北工业大学,2003
[38]唐正军,李建华.入侵检测技术[M].清华大学出版社,2004
[39]王清毅,张波,蔡庆生.目前数据挖掘算法的评价田.小型微型计算机系统,2000,75-78
[40]G.Piatetsky-Shapiro,and P.Smyth.From data mining to knowledge discovery:An overview[A].In:U.Fayyad,G.Piatetsky-Shapiro,P.Smyth,and R.Uthurusamy,editors,Advances in Knowledge Discovery and Data Mining[C].AAAI/MIT Press,Cambridge,MA,1996.
[41]夏可,蔡碧野.数据挖掘及其发展研究.计算机工程与应用,2002.14,182-184
[42]张学旺.基于数据挖掘技术的入侵检测研究[D].中南林学院,2003