大规模网吧审计系统

【作者】 李灵均；

【导师】 秦志光；

【作者基本信息】 电子科技大学 ， 通信与信息工程， 2010， 硕士

【摘要】 作为最主流的公共上网场所,网吧一直是信息监控的重点。目前,公安机关已经通过安装实名、审计软件的方式对网吧进行了监控,但在实际工作中,还存在一些不足,需要大力改进,以加强管理力度,给网民创造一个软硬件优良的上网环境。由于部分非法经营的网吧没有在公安部门备案,针对这些“黑”网吧,监控力度一直不足。针对此种情况,2008年,公安部发出了“在计费软件中集成审计功能”的号召。在此号召下,XX集团与公安部11局联手,开始了本课题的研究,并通过XX集团的网吧计费系统成功远程推送安装到网吧中,达到了良好的效果。本课题研究开发一套能在网吧捕获可疑嫌犯实名信息和虚拟身份信息以供公安人员分析破案,并提供实时自动短信报警功能。该系统以每个行政省份为单位,通过XX集团旗下成都XX公司的“XX网管”网吧计费产品远程推送到网吧安装部署,上报实名和虚拟身份信息到各个省公安厅网监总队。在该系统中,本论文作者设计并实现的功能主要有以下6点:1)支持大规模并发网络连接的数据收发;2)对IM工具聊天记录数据进行解密;3)捕获实名和虚拟身份的活动信息,并在每个省公安厅建立实名和虚拟身份的对应关系;4)高效的处理海量数据的存取(初步调研每天大约新增3000万条数据,需要保留60天的历史数据);5)SMTP邮件信息的捕获分析;6)构建分布式数据库存储大量信息进行数据分析。系统使用了较多的安全相关的技术进行数据的采集和捕获,是系统实现的基石;使用了高效的海量数据处理存取分析技术,相对同类产品具有较大的技术领先优势。更多还原

【Abstract】 As the most mainstream of public Internet sites, NetBar have been the focus of information monitoring; At present, the network supervision departments have been through the installation of real names, audit software, NetBar were monitored way, but in practical work, there are still some shortcomings, the need to improve in order to strengthen management, and give users access to the Internet to create a good environment for hardware and software. As some of the illegal NetBar, public security departments do not have the record for these "black" NetBar to monitor the efforts have been inadequate. In view of this situation, in 2008, Ministry of Public Security issued a "billing software integrated in the audit function" call.The research project to develop a suspicious suspects in NetBar to capture the real-name information and a virtual identity for the analysis of public security personnel detection, and provides real-time automatic SMS alarm. The system at the provincial level as a unit, through the Chengdu XX’s "XX Network" NetBar NetBar billing products pushed to install the remote deployment, reporting real name, and virtual identity information to various network monitoring Corps Provincial Public Security Bureau.In this system, the dissertation design and realization of the main functions of the following 6 points: 1, to support large-scale concurrent network connections for data transmission; 2, IM chats tool to decrypt the data; 3, capture real name, and virtual identity activities, information, and in each Provincial Public Security Bureau to establish the identity of the real-name and virtual correspondence; 4, and efficient access to massive data processing (preliminary research every day about 30 million new data, the need to retain 60 days of historical data) ; 5, SMTP mail messages capture analysis; 6, build a distributed database to store large amounts of information for data analysis.System uses a more security-related technologies for data collection and capture, is the cornerstone of system implementation; use of efficient access to massive data processing analysis techniques, similar products with relatively large technological leadership.更多还原