CASIA OpenIR  > 毕业生  > 博士学位论文
银行网络安全性的研究与应用
其他题名The Research on Netwok Security of the Banks
李恒华
学位类型工学博士
导师田捷
2003-05-01
学位授予单位中国科学院研究生院
学位授予地点中国科学院自动化研究所
学位专业模式识别与智能系统
关键词指纹身份认证 网上银行 防火墙 入侵检测 滥用检测 异常检测 Fingerprint Identify Net-bank Firewall Intrusion Detection Misuse Detection Anomaly Detection
摘要随着网络技术的快速发展,网络安全问题越来越引起人们的重视。作 为国民经济重要部门的银行,随着银行电子化的全面普及,相应的银行网 络安全问题也成为必须要面对的重大课题。 本文在基于现有网上银行系统的基础上,从提高网络安全性、实现成 本低廉性以及客户使用简易性的角度出发,提出并初步实现了一套完整的 基于指纹身份认证的网上银行解决方案。该方案的突出特点是:使用了一 套新的合作开发的指纹身份认证算法;比较完满地把指纹身份认证技术和 网上银行系统真正地结合起来,可以完全替代传统的密码身份认证技术, 从而解决了密码所固有的安全性不高、容易遗忘等缺陷,满足了网上银行 对安全性的要求,提高了网上银行的安全等级。此外,该方案完全兼容原 有网上银行的整个体系。 本文还对上述方案的相关性课题,银行内部网络系统的安全问题进行 了研究。文中提出了一种结合防火墙技术和入侵检测技术来进行共同防御 的方案,并对入侵检测技术中的滥用检测方法和异常检测方法给出了自己 的算法。同时,在文中对当前黑客攻击银行网络常用的方法进行了详细的 理论分析,并且结合本文提出的入侵检测算法给出了相应的对策。 最后 基于上述的入侵检测的理论体系,本文给出了并实现了一个入 侵检测系统原型。该系统可以有效地协助现有的防火墙产品,检测到绝大 多数对银行网络已知类型的入侵攻击和未知类型的入侵攻击,能够较好地 满足当前银行内部网络对网络安全的要求。
其他摘要With the rapid development of the networks, security problems of networks are getting more and more important. For e-commerce has been widely used in banks, which is one of the key department of national economy, networks security of the bank is becoming a serious and great research subject which people have to face. In this paper, based on the existing net-bank system, and from the viewpoint of promoting networks security, realizing low-cost running, and providing easy interface for customers, a whole set of scheme for net-bank has been presented and realized, which is based on fingerprint identification online, and has combined the fingerprint identification algorithm, encryption algorithm, and the real trading system of net-bank. The advantages are as follows: a new-developed method of fingerprint identification is used; it is the first time in China to combine fingerprint identification algorithm with net-bank truly in use, which can substitute traditional person identification way by cipher, without the shortcoming of low-security and being easily forgotten. At the other hand, it is corresponding to the existing system very well. In this paper, security problems inside the networks of the banks are also studied, which is relative to the subject upwards. Technique combined firewall and intrusion detection system is presented. This paper also gives our own algorithms about misuse detection and anomaly detection, which are the two main methods of intrusion detection. And further more, it gives detailing theoretical descriptions to those hacker's techniques to intrude bank networks, with the methods of defense and fighting-back. At last, based on the theoretical system upwards, in this paper there is a proto type of intrusion detection system realized and showed out. It can help nowadays firewall products detect most of known intrusions and some unknown intrusions to bank network, and satisfy the demand of networks security of the banks.
馆藏号XWLW750
其他标识符750
语种中文
文献类型学位论文
条目标识符http://ir.ia.ac.cn/handle/173211/5757
专题毕业生_博士学位论文
推荐引用方式
GB/T 7714
李恒华. 银行网络安全性的研究与应用[D]. 中国科学院自动化研究所. 中国科学院研究生院,2003.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[李恒华]的文章
百度学术
百度学术中相似的文章
[李恒华]的文章
必应学术
必应学术中相似的文章
[李恒华]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。