【摘要】：隨著網(wǎng)絡的迅猛發(fā)展,電子郵件的使用范圍越來越廣,電子郵件在互聯(lián)網(wǎng)通信中有著不可替代的作用,是企業(yè)互聯(lián)網(wǎng)主要的交互手段,電子郵件的內(nèi)容是否涉及敏感信息至關重要。電子郵件監(jiān)控系統(tǒng)是指監(jiān)控互聯(lián)網(wǎng)上的電子郵件,以確保其內(nèi)容和傳輸?shù)暮戏ㄐ�。目�?對于電子郵件的監(jiān)控技術的研究大多數(shù)都偏向于對垃圾郵件的監(jiān)控,通過分析電子郵件特征來判斷郵件性質(zhì),但這并不適用于敏感郵件的分析。而且目前對敏感電子郵件的監(jiān)控主要是通過旁路的方式對敏感郵件進行監(jiān)控,對于敏感郵件的監(jiān)控率比較低。旁路敏感郵件監(jiān)控技術是對網(wǎng)絡數(shù)據(jù)流量進行分析,發(fā)現(xiàn)其中的郵件流量,對郵件流量重組,然后解析郵件,獲取郵件內(nèi)容,并對郵件內(nèi)容進行敏感識別,控制敏感郵件的傳輸。旁路敏感郵件監(jiān)控技術目前存在兩個問題,一是對大規(guī)模網(wǎng)絡流量數(shù)據(jù)報文捕獲時產(chǎn)生的丟包問題導致郵件監(jiān)控率比較低;二是旁路敏感郵件監(jiān)控技術對敏感郵件使用中斷連接的方式來中斷郵件傳輸,這會導致郵件客戶端重新傳輸郵件,增加了郵件監(jiān)控的負載。針對旁路郵件監(jiān)控技術中郵件監(jiān)控識別率低的問題,提出了基于代理的敏感郵件監(jiān)控技術,通過使用郵件代理的方式獲取郵件流量,將郵件流量從其他網(wǎng)絡流量中分離出來,提高了郵件的監(jiān)控率。對當前主流的SOCKS代理和HTTP代理兩種代理方式進行分析,提出了針對郵件協(xié)議的混合代理。針對旁路郵件監(jiān)控技術中郵件客戶端重新傳輸郵件的問題,使用替換郵件內(nèi)容的方式來處理敏感郵件,使郵件客戶端認為郵件已經(jīng)傳輸成功,不再重新發(fā)起傳輸請求。通過分析基于代理的敏感郵件監(jiān)控系統(tǒng)的功能需求,對郵件代理服務器進行功能模塊的劃分,并對各個模塊進行了設計與實現(xiàn)。最后,對基于代理的敏感郵件監(jiān)控系統(tǒng)進行了測試,重點測試了系統(tǒng)的監(jiān)控率和系統(tǒng)的性能。本文的研究成果是提出了基于代理的敏感郵件監(jiān)控的技術,為企業(yè)和其他機構監(jiān)控郵件通信提供了一種有效的手段。
[Abstract]:With the rapid development of the network, the use of electronic mail is becoming more and more extensive. E-mail plays an irreplaceable role in Internet communication, and it is the main interactive means of enterprise Internet. Whether the content of an email involves sensitive information is crucial. E-mail monitoring system is to monitor e-mail on the Internet to ensure the legitimacy of its content and transmission. At present, most of the research on email monitoring technology is focused on spam monitoring. The nature of email is judged by analyzing the characteristics of email, but this is not suitable for the analysis of sensitive mail. At present, the monitoring of sensitive email is mainly through bypass way to monitor sensitive email, and the monitoring rate of sensitive email is relatively low. The monitoring technology of bypass sensitive mail is to analyze the network data flow, find the mail flow, reorganize the mail flow, then analyze the mail, obtain the mail content, and identify the email content sensitively. Control the transmission of sensitive messages. There are two problems in the bypass sensitive email monitoring technology. One is that the packet loss caused by the capture of large-scale network traffic data packets leads to a low monitoring rate of mail. The other is that the bypass sensitive mail monitoring technology uses the way of breaking the connection to interrupt the mail transmission, which will cause the mail client to retransmit the mail and increase the load of the mail monitoring. Aiming at the problem of low identification rate of mail monitoring in bypass mail monitoring technology, a sensitive email monitoring technology based on agent is proposed, which can obtain mail flow by using mail agent and separate mail traffic from other network traffic. Improved mail monitoring rate. This paper analyzes the two main proxy methods, SOCKS agent and HTTP agent, and proposes a hybrid agent for mail protocol. Aiming at the problem of mail retransmission by mail client in bypass mail monitoring technology, this paper uses the method of replacing email content to deal with sensitive mail, which makes the mail client think that the mail has been transferred successfully and no longer reinitiate the transmission request. By analyzing the functional requirements of the agent-based sensitive mail monitoring system, the function modules of the mail proxy server are divided, and each module is designed and implemented. Finally, the agent-based sensitive mail monitoring system is tested, with emphasis on the monitoring rate and performance of the system. The research result of this paper is to put forward the agent-based sensitive email monitoring technology, which provides an effective means for enterprises and other organizations to monitor email communication.
【學位授予單位】：哈爾濱工業(yè)大學
【學位級別】：碩士
【學位授予年份】：2015
【分類號】：TP393.098

【參考文獻】

相關期刊論文 前2條

1 唐武生;田立紅;曹偉;;Base64編碼的實現(xiàn)與應用研究[J];長春大學學報;2006年04期

2 魯宏偉;魏凱;孔華鋒;;一種改進的KMP高效模式匹配算法[J];華中科技大學學報(自然科學版);2006年10期

相關碩士學位論文 前2條

1 宮偉俊;雙向廣電網(wǎng)絡中統(tǒng)一邊緣資源管理器的研究與實現(xiàn)[D];北京郵電大學;2013年

2 王圣波;局域網(wǎng)垃圾郵件監(jiān)控及過濾技術的研究[D];吉林大學;2014年

，

本文編號：2280353