Architecture of Real-Time and Dynamic Audit for Network Behavior Security

  • Yan Zhang
  • Caiming LiuEmail author
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1074)


Dynamics and complexity of the Internet security environment make that real-time and dynamic auditing of network behavior security is more difficult. For the resolution of difficulties on dynamics and complexity in the network behavior audit, an architecture of real-time and dynamic audit for network behavior security under the Internet environment is created. The proposed architecture consists of pretreating network behavior data, synchronizing network data, dynamically recognizing network behavior and comprehensively auditing network behavior security. Pretreating network behavior data solves the problems of the integrity of network behavior data to be treated and the scientific modeling of network behaviors. Synchronizing network data solves the problem of real-time treating of network behavior data. Dynamically recognizing network behavior uses and simulates immune mechanisms to realize the dynamic auditing for network behavior security. Comprehensively auditing network behavior security solves the problem of direct service of audit results of network behavior security for the network security management. The proposed architecture is expected to provide a new reference for the establishment of active network security management model.


Network behavior security Behavior recognition Behavior audit Real-time audit Dynamic audit 



This work is supported by Sichuan Science and Technology Program (No. 2018JY0523), the Scientific Research Fund of Sichuan Provincial Education Department (No. 18ZA0233), the Scientific Research Project of Leshan Normal University (No. ZZ201825).


  1. 1.
    Zhang, H.: Research of Network Security Auditing System. Thesis of Jilin University (2006)Google Scholar
  2. 2.
    Liu, Z., Wang, X., Li, J., Zhang, S.: Research on an integrated security audit system model. Police Technol. 2014(B06), 32–35 (2014)Google Scholar
  3. 3.
    Wei, Y., Lian, Y.: A network security situational awareness model based on log audit and performance correction. Chin. J. Comput. 32(4), 763–772 (2009)CrossRefGoogle Scholar
  4. 4.
    Haggerty, J., Hughes-Roberts, T.: Visualization of system log files for post-incident analysis and response. In: Human Aspects of Information Security, Privacy, and Trust. HAS 2014. LNCS, vol. 8533, pp. 23-32 (2014)Google Scholar
  5. 5.
    Standing Committee of the National People’s Congress of China. People’s Republic of China Network Security Law. Issued on November 7 (2016)Google Scholar
  6. 6.
    Yang, Y.: The Enlightenment of Network Security Audit of American Audit Office. Audit Monthly (2018)Google Scholar
  7. 7.
    Zhang, H., Fang, B., Hu, M., Jiang, Y., Zhan, C., Zhang, S.: A survey on internet measurement and analysis. J. Softw. 14(1), 110–116 (2003)zbMATHGoogle Scholar
  8. 8.
  9. 9.
    De Castro, L., Timmis, J.: Artificial Immune Systems: A Novel Computational Intelligence approach. Springer, London (2002)zbMATHGoogle Scholar
  10. 10.
    Li, T.: An immune based dynamic intrusion detection model. Sci. Bull. 50(22), 2650–2657 (2005)MathSciNetCrossRefGoogle Scholar
  11. 11.
    Farmer, J., Packard, N., Perelson, A.: The immune system, adaptation, and machine learning. Physica 22D, 187–204 (1986)MathSciNetGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.School of Computer ScienceLeshan Normal UniversityLeshanChina
  2. 2.Key Lab of Internet Natural Language Processing of Sichuan Provincial Education DepartmentLeshan Normal UniversityLeshanChina

Personalised recommendations