The invention, related to information security field, discloses a method for improving network application security and a system thereof. The method comprises that client terminal application generates protocol message and disassembles the protocol message to plural IP packets and sends the plural IP packets; network filter driver receives and caches the plural IP packets and assembles the plural IP packets to obtain the protocol message and determines whether critical information is in the protocol message; if so, the network filter driver sends the protocol message to a smart key device; the smart key device analyzes the protocol message to obtain the critical information and sends the critical information to the user for confirming, if the user confirms that the critical information is correct, the network smart key device signs the protocol message and returns the signature data, the network filter driver generates new protocol message according to the signature data and the protocol message and disassembles the new protocol message to plural IP packets and sends the plural IP packets to the server via network card driver; if the user confirms that the critical information is not correct or no confirmation is received from user in predetermined time period, the smart key device performs exceptional operation. The system comprises a smart key device and network filter driver of client terminal computer. With compatibility and usability, the invention enhances network application security without modifying the client terminal.