Title :
Study on data acquisition solution of network security monitoring system
Author :
Gao, Kunlun ; Liu, Jianming ; Guo, Jian ; An, Rui
Author_Institution :
Inf. & Commun. Dept., China Electr. Power Res. Inst., Beijing, China
Abstract :
With the demands for network security, heterogeneous security equipment such as firewalls, intrusion detection systems, and anti-virus gateways is widely deployed in networks and produces massive numbers of security events which need to be merged and analyzed. Therefore, a distributed, multi-protocol network security monitoring system is proposed. The paper describes the architecture of the network security monitoring system. Focusing on the system acquisition layer, two methods are designed for monitoring data collection: syslog-based collection and real-time traffic-based collection. ActiveMQ, which is based on the JMS specification, was adopted for data transmission...
Keywords :
authorisation; data acquisition; monitoring; security of data; telecommunication security; ActiveMQ; anti-virus gateway; data acquisition solution; data collection monitoring; data transmission; distributed network security monitoring system; firewall; heterogeneous security equipment; intrusion detection system; multi-protocol supported network security monitoring system; real-time traffic-based collection; syslog-based collection; system acquisition layer; Benchmark testing; Discrete cosine transforms; Discrete wavelet transforms; Robustness; Signal to noise ratio; Watermarking; ActiveMQ; JMS; data acquisition; data transmission; network security monitoring system;
Conference_Title :
Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-6942-0
DOI :
10.1109/ICITIS.2010.5689487