1、南京航空航天大學(xué)碩士學(xué)位論文內(nèi)網(wǎng)安全防護(hù)技術(shù)的研究與實現(xiàn)姓名：余俊申請學(xué)位級別：碩士專業(yè)：計算機科學(xué)與技術(shù)指導(dǎo)教師：袁家斌2010-12內(nèi)網(wǎng)安全防護(hù)技術(shù)的研究與實現(xiàn) ii Abstract With the rapid development of the global information, computer networks have become part of people’ s daily wo

2、rk and life. As a means to convey information within organizations, internal networks are facing severe security risks. At present, more and more cyber crime is associated with the practical i

3、nterests. In addition, electronic files can be copied and disseminated more easily than tranditional paper documents. These lead to the frequent occurrence of the divulgence of confidential infor

4、mation within internal networks. Therefore, ensuring the security of internal networks is an important problem in the field of network security. This paper summarizes the specific issues of internal ne

5、twork security, and analyzes the shortcomings of the existing internal network security technologies. Taking into account these shortcomings and features of the internal network, this paper presents a

6、 host- based internal network security method from the perspective of operating system security and file security. It can ensure the security of files and prevent host from being intruded by m

7、alwares and backdoors. In this way it provides double protection for the internal network information. This paper describes the goals and desired properties of operating system security and file

8、 protection, analyzes the principles of system service dispatch table hook, inline hook and file system filter driver under Windows NT platform. Then the main idea and implementation of Windows

9、 NT security and file protection is introduced. Some of the key problems such as cache management, encryption flag management are described in detail. Finally, we test the functionalities of t