Analysis and Security Audit Based on Network Flow Log

【Author】 Wen Anbang (文安邦)

【Supervisor】 Li Zhihuai (李志淮)

【Author information】 Dalian Maritime University, Computer Application Technology, 2004, Master's

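【Summary】 With the spread of the Internet, and because of its inherent openness and freedom, the publication and dissemination of harmful information online has become an increasingly prominent problem, and illegal and criminal activity carried out over the Internet is also growing. How to better supervise people's online behaviour is a problem facing modern network administrators. The deployment of the GS gateway log system makes real-name Internet access possible, which in turn provides a foundation for security auditing. Working mainly from the network traffic logs of the GS system, the thesis uses text log query, log statistics, rule-based automatic alerting, and data-mining-based user behaviour analysis to implement security auditing as completely as possible and to create a clean online environment. The thesis is divided into six parts. The first part outlines the related technologies and background knowledge, introducing the GS system, the Linux platform, the Java language and the Oracle9i database; the second part focuses on data mining technology, comparing and analysing several patterns and their algorithms and introducing the mining software Weka, which lays the theoretical foundation for the later user behaviour analysis; the third part describes the design of the whole system, including log query, log statistics, automatic alerting and data mining; the fourth part describes in detail the implementation of log query and log statistics; the fifth part describes in detail the implementation of automatic alerting and data mining, and is the focus of the thesis; the sixth part is the summary of the system, evaluating its strengths and the areas that need improvement.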

【Abstract】 With the development of the Internet, and because of its openness and freedom, more and more problems have emerged, including the broadcasting of harmful information and crimes committed over the Internet. How to control and supervise people's behavior on the Internet is a problem faced by modern network management. With the use of GS (Gateway System), it is possible to use real names on the Internet. This is also the foundation of security audit. The paper implements security audit based on network flow logs, by text log query, log statistics, auto alerting by alert rules and user behavior analysis, to create a clean Internet. The paper is made up of 6 parts. The 1st part introduces the background knowledge and related technology, including GS, the Linux platform, the Java language and the Oracle 9i database. The 2nd part introduces data mining technology with emphasis, analyses several modes, compares their algorithms and gives a brief introduction to the Weka software. The 3rd part describes the whole system design, including log query, log statistics, auto alerting, data mining and so on. The 4th part describes how to implement log query and log statistics in detail. The 5th part describes how to implement auto alerting and data mining in detail. The last part is the summary of the paper, mainly evaluating its advantages and shortcomings.

  • 【Classification number】 TP393.08
  • 【Times cited】 5
  • 【Downloads】 418