Research and Implementation of a POP3-Based Mail Monitoring System
Published: 2018-09-03 10:22
[Abstract]: Enterprise mailbox users are frequently disturbed by spam. At the same time, in an increasingly competitive business environment, employees with weak security awareness use e-mail in ways that violate confidentiality rules, so that internal documents and trade secrets are leaked and the enterprise suffers incalculable losses. To prevent the leakage of intellectual-property information and internal documents, and to maintain a healthy internal mail network, an enterprise needs a means of monitoring mail traffic between its internal network and external networks, and of centrally backing up business correspondence for after-the-fact investigation. Designing and developing a POP3-based mail monitoring system is therefore necessary, and studying the key technologies of such a system is essential to optimizing its functions and improving its performance.
Building on an analysis of the state of research on these key technologies, this thesis focuses on how to process POP3 mail data efficiently and in parallel once large volumes of mail data have been captured, so as to improve the performance of the POP3 mail monitoring system, and on how to efficiently match and identify sensitive keywords in mail content. Work on these key technologies further keeps the upper-layer content analysis and filtering module from becoming the bottleneck of the whole system and improves the overall performance of the POP3 mail monitoring system. The main work of this thesis is as follows:
1. A thread pool scheduling method based on information entropy is proposed. To parallelize the threads that parse raw mail messages, a multi-attribute decision model based on information entropy is studied, and a raw-mail parsing thread pool is designed that dynamically selects the parsing thread with the highest idleness. Experiments comparing round-robin thread pool scheduling with entropy-based thread pool scheduling show that the proposed method suits a real mail monitoring environment and can further increase the degree of parallelism of the raw-mail parsing thread pool.
2. The multi-pattern matching AC algorithm is applied to keyword matching for mail monitoring, and a mail content monitoring mechanism based on the AC algorithm is proposed to locate and match sensitive keywords in text efficiently. Experiments on the storage consumption and matching time of the AC algorithm show that it can efficiently perform sensitive keyword monitoring in the POP3 mail monitoring system.
3. The design of the front-end and back-end modules of the POP3-based mail monitoring system is studied. The front end comprises system management, rule configuration, log management and other functional modules. The back end comprises the main control module, libnids packet capture, POP3 protocol analysis, raw mail parsing, sensitive keyword detection and other modules. The implementation and testing of each module are described in detail, and typical application scenarios are given.
This work designs and implements a POP3-based mail monitoring system that improves the utilization of thread pool resources through multi-thread load balancing and raises overall system performance by optimizing the efficiency of sensitive keyword matching within the threads. It makes it possible to audit an enterprise's internal mail, can to a certain extent create a safer mail environment for the enterprise, and lays a foundation for the enterprise's network informatization.
[Degree-granting institution]: University of Electronic Science and Technology of China
[Degree level]: Master's
[Year degree conferred]: 2013
[Classification number]: TP274
Article ID: 2219699
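The keyword-detection step from item 2 of the abstract, sketched as an added example (not code from the thesis): an AC (Aho-Corasick) automaton is built once from the rule set, and each decoded text part of a captured message is scanned in a single pass. The function names, the keyword list and the sample message are constructed for illustration.

```python
import base64
from collections import defaultdict, deque
from email import message_from_bytes, policy

def build_automaton(keywords):
    """Aho-Corasick tables: goto (trie edges), fail links, outputs. Node 0 is the root."""
    goto, out = [{}], defaultdict(list)
    for kw in keywords:
        node = 0
        for ch in kw.lower():
            if ch not in goto[node]:
                goto[node][ch] = len(goto)
                goto.append({})
            node = goto[node][ch]
        out[node].append(kw)
    fail = [0] * len(goto)
    queue = deque(goto[0].values())  # depth-1 nodes keep fail = root
    while queue:  # breadth-first, so shallower fail targets are already final
        node = queue.popleft()
        for ch, child in goto[node].items():
            f = fail[node]
            while f and ch not in goto[f]:
                f = fail[f]
            fail[child] = goto[f].get(ch, 0)
            out[child] += out[fail[child]]  # inherit keywords ending here as suffixes
            queue.append(child)
    return goto, fail, out

def find_keywords(text, automaton):
    """Single pass over text; returns (offset, keyword), offsets into the lowercased text."""
    goto, fail, out = automaton
    node, hits = 0, []
    for pos, ch in enumerate(text.lower()):
        while node and ch not in goto[node]:
            node = fail[node]
        node = goto[node].get(ch, 0)
        hits += [(pos - len(kw) + 1, kw) for kw in out.get(node, ())]
    return hits

def scan_message(raw, automaton):
    """Decode each text part (transfer encoding and charset) before matching."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [hit for part in msg.walk() if part.get_content_maintype() == "text"
            for hit in find_keywords(part.get_content(), automaton)]

# Constructed sample: a base64-encoded body, as a reassembled POP3 message might carry it.
BODY = "Attached is the Project Falcon pricing sheet, marked CONFIDENTIAL.\n"
SAMPLE = (b"Subject: Q3 numbers\r\nMIME-Version: 1.0\r\nContent-Type: text/plain; charset=utf-8\r\n"
          b"Content-Transfer-Encoding: base64\r\n\r\n" + base64.b64encode(BODY.encode()) + b"\r\n")
KEYWORDS = ["confidential", "project falcon", "pricing sheet", "sheet"]  # hypothetical rule set
```

Run over the undecoded message text, the same automaton reports no hits, since the body travels base64-encoded; keyword matching belongs after the mail-parsing stage.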