【作者】 姜中华；

【导师】 崔杜武；

【作者基本信息】 西安理工大学 ， 计算机应用技术， 2003， 硕士

【摘要】 在Internet应用空前增长的今天，计算机管理技术、网络通信技术、资源共享技术却未能得到同步提高。为此，有效的网络安全防护手段是信息与网络安全研究的重要课题。目前，虽然有多种安全产品，但仍然不能满足Internet发展的需要。 因特网监视器是一种新型的网络安全产品。本文针对监视器实时、高效的要求，提出了一种基于Linux系统的Internet网络监视器的设计方案。方案利用了Linux操作系统的多进程、多线程、线程的静态和动态优先级提高监视主机实时性，以多监视主机的分布式数据处理来提高系统吞吐量。实验表明监视器具有高效、安全和可扩充性强等优点。 整个系统采用了分层的设计，整体分为3层：底层部分，截包组装模块实现Internet报文的截取和按连接的组装；中层部分，解码、解压缩和全文检索模块实现了对原始文件的解压缩、编码还原和全文检索；上层部分，用户界面实现基于J2EE的三层结构的系统。另外，在客户端加入了认证和授权机制，同时提供了基于SSL的加密机制。更多还原

【Abstract】 Although Internet applications are greatly grown, the technologies about computer management, network-communication, resource sharing are not improved accordingly. Thus, effective method to protect the security of network is an important research task in network security field. There are some kinds of security products, but they cannot meet the need of Internet evolution.Internet Monitor System is a new kind of network security product. This paper puts forward a design of Internet Monitor System based on Linux to meet the demands of real-time and high-efficiency. Real-time performance of the monitor host is enhanced using the multi-process, multithread, priority provided by Linux. Meanwhile, the performance of the system is improved by distributed data processing based on multiple monitor hosts. Its advantage of efficiency, security and scalability is verified by experiments.The system adopts the layer-dividing method in whole. The main idea is to divide the system into three layers and to set up the databases or local files between layers as interface. The first layer implements Internet packet intercepting and assembling according to TCP link; the middle layer is used to depress, decode the raw files, and to take the full-text researching; the up layer provides the user interface based on there-tier structure. In addition, authentication and authorization mechanism are provide in client side of the system as well as the encryption mechanism based on SSL.更多还原