Abstract

With the development of society and the improvement of people's living standards, the
application of computer network information has not only promoted the progress of society
but also the increasing maturity of computer network technologies has made it easier to
connect various networks. Our lifestyle is also quietly changing with the growth of the Internet
of Things (IoT) and 5G. While people are enjoying the convenience of the Internet, it is easy to
take the security of the network and its possible impact lightly. Therefore, the network has
become an inseparable part of our lives. As network technology develops, its openness grows
and its influence on society increases day by day, but network security threats such as viruses,
network hacking, and remote eavesdropping have also become an increasingly serious social
issue.
Keywords: Information Security, Firewall, Encryption, Digital Signature

Introduction
In the era of information technology with the rapid development of the network, the security of
network information has become a more concerning issue. In this literature, we will focus on
the importance of studying network security technology and the specific analysis of the
technical means of network security in practical applications. Finally, we discuss the current
situation and development trend of network security and security products research.

Overview/ Background
With the rapid development of network information technology, we have entered the
information age. The Internet has brought great convenience to our life and changed the
channels through which we perceive and understand the world, but at the same time, due to
the diversity of Internet connections, the wide distribution of terminals, and the openness of
the network, it also poses a threat to our information security. Network information security is
a comprehensive discipline that includes computer application technology, network
communication technology, cryptographic information technology, information security
technology, applied engineering mathematics, number theory, information methodology, and
other technologies. To be able to propose a complete, systematic, and collaborative processing
plan, we have to accumulate knowledge on the above disciplines in normal times, only then we
can ensure the effective sharing and relative security of information. In general, network
information security can be simply summarized as the following three aspects.
1. Availability of Network Services
Availability of network services means that all resources can be accessed by authorized parties
at the right time to prevent "denial of service" (DoS) of network systems due to computer
viruses or other human factors, which aims to prevent computers or networks from providing
normal services. The most common DoS attacks are computer network bandwidth attacks and
connectivity attacks. By increasing the control of network information access, we can effectively
prevent the occurrence of "denial of service". "Firewall" is one of the important technologies of
network security in recent years, it is the throat of network information communication, only
through the security policy related information is allowed to pass through the firewall, if the
network is added to the firewall, our network environment will become relatively safe.
However, the security of the network environment is often in contradiction with the flexibility,
openness, and convenience of the Internet. Although the blocking function of the firewall plays
a positive role in strengthening the security of the internal local area network, it also hinders
the effective exchange of information between the internal network and the external network
information.

2. Confidentiality of Network Information　

Confidentiality of network information refers to the characteristic that information is not

disclosed to or made available for use by, unauthorized individuals, entities, or processes
according to specified requirements. Applying access control technology can effectively prevent
network information resources from being used and accessed illegally. Access control
technologies include inbound access control, network authority control, server control, etc.
Access control is the first level of access control of network access, through the user identity
judgment to access the relevant network resources, control the time to allow users to access
the network and allow them to access the network location; network access control by giving
different privileges to users or user groups with different identities, and effective restrictions on
the operation of information resources by users or user groups with different privileges;
security control of the network server includes: can set a password to lock the server console to
prevent illegal users from modifying or deleting important information or destroying data; you
can set the time limit for server login, illegal visitor detection and time interval for the
shutdown.
3. The Integrity of Network Information
The integrity of network information means that all resources can only be modified by
authorized parties or in an authorized manner. Integrity has three special aspects: authorized
behaviour; resource separation and protection; and error detection and correction. Its purpose
is to prevent information from being tampered with by unauthorized users. Due to the open
nature of public networks, information can be corrupted by hacker-like methods of
interception, disruption, tampering, and forgery during network transmission, resulting in
distortion, loss, and unavailability of data. The use of encryption can enhance the security of
important information, and even if the information is attacked by illegal users during
transmission, the encrypted information will not be easily leaked. Encryption technology solves
the requirement of data confidentiality and can also be used to protect data integrity. However,
the importance of encryption should not be overestimated, and encryption cannot solve all
security problems. Improper encryption may not affect security or even reduce the
performance of the whole system.
Literature Review - The current main network security technology
1.1 Virus protection technology
A computer virus is a kind of program that can achieve damage the local computer or infect
other computer systems during the operation of the computer, causing the computer to work
abnormally. For example, the computer system into a virus, moth, Trojan horse, trap door, logic
bomb; or through, impersonation and other ways to destroy the normal work of the system [1]
[2].
Nowadays, mature anti-virus technology has been able to achieve complete prevention and
killing of known viruses, which mainly involves the following three major technologies.
1) Real-time monitoring technology. This technology can build a dynamic, real-time anti-
virus system for the computer system, by modifying the system program, so that it can
prevent virus invasion itself, to reject the virus outside the computer system.

2) Automatic decompression technology. Currently, on the Internet, CD-ROM, and

Windows systems to contact most of the files are stored in a compressed state to save
transmission time or save storage space, which makes all kinds of compressed files
become a breeding ground for the spread of computer viruses.

3) the whole platform to prevent virus technology. Currently, we commonly used

operating systems are Windows XP, Windows 7, Windows serve, LINUX, UNIX, etc. To
improve the effectiveness of anti-virus software to check and kill viruses, and to
achieve a seamless connection with the underlying system, you must use the
appropriate antivirus software on different operating systems.

1.2 Firewall Technology

A firewall is a collection of components that interposes itself between two or more networks to
enable network access control, and its main function is filtering. A firewall can even examine all
the contents of a packet, including the data part. In terms of implementation principles, firewall
technologies broadly include four major categories: network-level firewalls, application-level
gateways, circuit-level gateways, and rule-checking firewalls [3].
1.2.1 Network-level firewalls
Packet filtering technology is the main technology of firewalls to provide security to the
system, which selectively controls and manipulates the data flow in and out of the
 network through the device [4]. A packet is the unit of information flow on the
network and consists of two parts: the data load and the protocol header. Packet
filtering operations are generally performed by selecting or filtering network layer
packets along with route selection. The selection is based on filtering logic set up
within the system and is referred to as an access control table or rule table. The rule
table specifies which types of packets are allowed to flow into or out of the internal
network.

1.2.2 Application-level firewall

Application-level gateways can inspect incoming and outgoing packets, with the
gateway transmitting information through replication and blocking the establishment
of direct links between secure servers, terminal machines, and illegal hosts. The
application-level gateway is capable of parsing protocols on the application layer, can
set complex access controls, and can implement sophisticated registration and
auditing. It can analyse packets for data filtering protocols and form reports for the
corresponding analysis. The application-level gateway closely monitors the
environment for some insecure logins and controls all incoming and outgoing
communications to prevent theft of valuable information or programs.

1.2.3 Circuit-level gateway

The main function of a circuit-level gateway is to monitor TCP handshake information
between a trusted server or client and an insecure host, and in this way to determine
the legitimacy of this session, it performs packet filtering at the session layer, which is
two layers higher than the network-level firewall. In addition, it provides a proxy server
function. This proxy service assigns managers to approve or deny specific applications
or specific functions of an application.

1.2.4 Rule checking firewall

This firewall combines the features of the above firewalls. It differs in that it does not
break the client-server model to analyse application layer data; it allows secure clients
and illegitimate hosts to establish direct connections. Instead of relying on application
layer-related proxies, the rule-checking firewall relies on some sort of algorithm to
identify incoming and outgoing application layer data. These algorithms compare
incoming and outgoing packets by the pattern of known legitimate packets, which
allows them to be theoretically more effective than application-level proxies in filtering
packets.

1.3 Network Encryption Technology

The basic process of encryption technology is to process the original plaintext file or data
according to some algorithm, so that it becomes an unreadable code, usually called
"ciphertext" so that the original content can only be displayed after entering the corresponding
key, through such a way to achieve the purpose of protecting the data from illegal theft and
reading. The reverse of this process is decryption, which is the process of converting the
encoded information into its original data. According to the symmetry of encryption key and
decryption key, encryption technology can be divided into symmetric encryption, asymmetric
encryption, and irreversible encryption.
1) Symmetric encryption: It is a relatively traditional encryption method, which uses a
single key to encrypt and decrypt data. The sender encrypts the information with the
key and then transmits it to the receiver through the network, and the receiver then
decrypts the information with the same key. It is characterized by relatively small
computation and high encryption efficiency. Even if the transmission network is not
secure and the information is intercepted, the information is still safe because it is
encrypted. However, it is difficult to apply this algorithm to distributed systems, mainly
because it is difficult to manage the key in distributed systems and it is complicated to
use.

2) Asymmetric type encryption: It is characterized by two keys: a public key and a private
key. The public key is public and is used to encrypt the metadata, and the private key is
owned by the individual alone. To complete the whole encryption and decryption
process, both must be used in combination. After using this encryption method, we
have to pay attention to effective management and how to confirm the authenticity and
legitimacy of the public key.

3) Irreversible encryption: Its characteristic is that no key is used in the whole encryption
process, and once the data is encrypted, it cannot be decrypted, and the same
encrypted data can only be obtained by the same irreversible encryption algorithm with
the same input data. This encryption algorithm does not have the problem of key
distribution and management, but its encryption calculation work is exceptionally
complicated, and it is only suitable for encrypting a small amount of data.

1.4 Intrusion detection technology [5]

An intrusion detection system is a device that is placed inside a protected network to monitor
what is happening in the network. An attack can be detected at the beginning, during the
course of an attack, or after an attack has occurred. Intrusion detection can be divided into
several categories as follows:
1) Host-based Intrusion Detection (also called HIDS): It is installed on the server to be
protected to protect a single host from network intrusion. It helps system
administrators to record or detect attacks or attack attempts by detecting system files,
 process records, and other information to develop appropriate strategies. HIDS
detection accuracy is high, can detect attacks without obvious behavioural
characteristics, can be targeted to a variety of operating systems, is suitable for
encryption and switching environment sent, is low cost and t, independent of the
network environment. The main drawback is that it is less time-sensitive detection,
takes up a lot of host resources, can detect fewer types of attacks, the detection effect
depends on the logging system constraints and is less stealthy.

2) Network-based Intrusion Detection (NIDS): mainly used to prevent attacks on a network,

used in conjunction with a firewall, using the original network packet packets as a data
source for attack analysis, through a network adapter to monitor and analyse all
communications transmitted through the network in real-time. When an intrusion is
detected, the intrusion detection system responds by alerting, disconnecting, etc. NIDS
can monitor ports on the network for scanning, IP spoofing, and other common attacks,
and protect multiple hosts without affecting the performance of the protected object,
with good concealment and protection against intrusion evidence. Disadvantages are
poor anti-intrusion spoofing ability, detection is more restricted by hardware conditions,
cannot be processed after the encryption of data, etc.

3) Distributed intrusion detection: its model is to use a distributed intelligent agent

structure, consisting of a central intelligent agent and several local agents distributed
around the network. Each local agent is responsible for monitoring a certain aspect of
the network information flow, and multiple local agents collaborate and distribute
detection to jointly complete a monitoring task; the central agent is responsible for
regulating the work of each local agent to complete the task of a comprehensive
analysis of network events.

Discussion - Network information security and security products research status and
development trend
Network information security is one of the research projects focused on information security,
and it is also the current research hotspot in the field of information security. The research
content includes the main technologies and solutions of network information security, the
research, and development of network security products, etc. Network information security
includes physical security and logical security. Physical security refers to the physical protection
of network information in communications, computer equipment, and related facilities from
damage, loss, etc. Logical security contains information integrity, confidentiality, non-
repudiation, availability, etc. It is a matter that involves all aspects of network security,
operating systems, databases, application systems, human factors, etc., and must be
considered comprehensively.
At present, the more popular in the market, and can represent the future direction of
development of security products are roughly the following categories: firewalls, security
routers, virtual private networks (VPN), security servers, electronic visa agencies - user
authentication products, intrusion - CA and PKI products, security management centres,
detection systems (IDS), security databases and security operating systems. In all of the above
major directions of development and product categories, the application of cryptography is
included and is very basic. The integration of cryptography with communication technology,
computer technology, and chip technology is becoming increasingly close, and the lines of
demarcation between their products are becoming increasingly blurred and inseparable from
each other. The solution to network security is a comprehensive problem involving many
factors, including technology, products, and management [6].

Conclusion
The issue of network information security has become a worldwide problem. It is not only
applied to ordinary electronic commerce but also applied to the government and military,
which is related to the economic security and national defence security of the whole country.
Information technology has become an important basis for the development of the entire
society and economy, and occupies an inestimable position in the national economy and
people's livelihood; in addition, government authorities, national defence construction of
information technology security, stability, maintainability, and developability put forward more
and more urgent requirements, therefore, from the perspective of social and economic
development and national security, increase the development of information security
technology is a long-term and arduous in our future task.

References
1. Bai Shuo, Prevention of computer viruses under network conditions [J]. Network Security
Technology and Applications, 2002.
2. Zhang Zhen Guo, Building a perfect virus protection system [J]. Network Security Technology
and Applications, 2002.
3. Wu, Haiyan, Shi Lei and Li Qingling, An overview of network information security technology
[J]. Computer Knowledge and Technology, 2005, 12: 55-57.
4. Liu Hong Yue, Advances in access control technology research [J]. Small Microcomputer
Systems, 2004, 25(1): 56-59.

5. http：//baike.baidu.com/view/1148666.htm.
6. Qin Xiao Yun, Research status and development trend of information security technology [J].
Journal of Guangxi Medical University, 2008, S1: 93-94.
7. Zeng Fan Ping, Network Information Security [M]. University of Science and Technology of
China, 2003
8. Wu S. Z., Jiang S. Q., Peng Y. Fundamentals of Information Security Assurance. Aviation
Industry Press, 2009.7
9. Storin (U.S.) by Xiao Xiang Studio translation: elements of network security: applications and
standards [M]. Beijing: People's Post and Telecommunications Publishing House, 2003.01
10. Tao An et al. eds: Network Management and Maintenance [M]. Shanghai: Shanghai Jiao
Tong University Press, 2003.05
11. Bu Shan Yue, Zhang You Dong. Computer Security Technology. Higher Education Press,
October 2005
12. Li G, Zhang W. Reflections on technical issues of strengthening network information security
[J]. Software (Education Modernization) (Electronic Edition), 2013, (7): 98-98.
13. Mei Xiu Hua. Exploration of network information security and technology [J]. Science and
Technology Information Development and Economy, 2008, 18(4): 171-173.
14. Xie Xing Guo, Zhu Qing Wei. An introduction to network information security and technology
[J]. Science and Wealth, 2011, (2): 102.
15. Wang Hong Yu, Discussion on computer network information security in the new situation
[J]. Digital Technology and Applications, 2016(02):214.