Biblio

Aiming at the problems of single protection, lack of monitoring and unable to be physically isolated in time under abnormal conditions, an industrial control boundary network security protection method is provided. Realize the real-time monitoring and analysis of the network behavior of the industrial control boundary, realize the in-depth defense of the industrial control boundary, and timely block it in the way of logical link and physical link isolation in case of illegal intrusion, so as to comprehensively improve the protection level of the boundary security of the industrial control system.

In order to effectively do network security protection, detecting system vulnerabilities becomes an indispensable process. Here, the vulnerability detection module with three functions is assembled into a device, and a composite detection tool with multiple functions is proposed to deal with some frequent vulnerabilities. The tool includes a total of three types of vulnerability detection, including cross-site scripting attacks, SQL injection, and directory traversal. First, let's first introduce the principle of each type of vulnerability; then, introduce the detection method of each type of vulnerability; finally, detail the defenses of each type of vulnerability. The benefits are: first, the cost of manual testing is eliminated; second, the work efficiency is greatly improved; and third, the network is safely operated in the first time.

Network situation value is an important index to measure network security. Establishing an effective network situation prediction model can prevent the occurrence of network security incidents, and plays an important role in network security protection. Through the understanding and analysis of the network security situation, we can see that there are many factors affecting the network security situation, and the relationship between these factors is complex., it is difficult to establish more accurate mathematical expressions to describe the network situation. Therefore, this paper uses the grey neural network as the prediction model, but because the convergence speed of the grey neural network is very fast, the network is easy to fall into local optimum, and the parameters can not be further modified, so the Multi-Swarm Chaotic Particle Optimization (MSCPO)is used to optimize the key parameters of the grey neural network. By establishing the nonlinear mapping relationship between the influencing factors and the network security situation, the network situation can be predicted and protected.

As the technology reliance increases, computer networks are getting bigger and larger and so are threats and attacks. Therefore Network security becomes a major concern during this last decade. Network Security requires a combination of hardware devices and software applications. Namely, Firewalls and IPsec gateways are two technologies that provide network security protection and repose on security policies which are maintained to ensure traffic control and network safety. Nevertheless, security policy misconfigurations and inconsistency between the policy's rules produce errors and conflicts, which are often very hard to detect and consequently cause security holes and compromise the entire system functionality. In This paper, we review the related approaches which have been proposed for security policy management along with surveying the literature for conflicts detection and resolution techniques. This work highlights the advantages and limitations of the proposed solutions for security policy verification in IPsec and Firewalls and gives an overall comparison and classification of the existing approaches.