IDC域名可視化管理的應(yīng)用研究
發(fā)布時(shí)間:2019-03-03 16:37
【摘要】:互聯(lián)網(wǎng)充澈著大量由Content Provider,即CP提供的內(nèi)容信息,而這些內(nèi)容信息以網(wǎng)站的形式托管于Internet Data Center,即IDC機(jī)房,每個(gè)網(wǎng)站都由一個(gè)主域名,若干個(gè)子域名組成。大量犯罪違法的內(nèi)容,利用管理漏洞存在這些域名中,對(duì)社會(huì)造成了嚴(yán)重的危害。 我們國(guó)家在09年互聯(lián)網(wǎng)整風(fēng)行動(dòng)中,由中華人民共和國(guó)工業(yè)和信息化部,即工信部,提出了域名實(shí)名制管理辦法,要求各運(yùn)營(yíng)商嚴(yán)格執(zhí)行“先備案,后接入”,對(duì)接入域名嚴(yán)格執(zhí)行“誰(shuí)接入,誰(shuí)負(fù)責(zé)”的管理制度。為符合工信部對(duì)域名管理的相關(guān)要求,上海移動(dòng)于同期啟動(dòng)IDC域名可視化管理專項(xiàng)工作,研究建立IDC域名可視化管理系統(tǒng)。系統(tǒng)使用先進(jìn)的域名自動(dòng)識(shí)別、管理、分析和控制技術(shù),大幅提高IDC域名管理水平,阻斷非法站點(diǎn)的訪問(wèn),從而避免監(jiān)控疏漏導(dǎo)致的犯罪違法事件。 本文以設(shè)計(jì)建設(shè)上海移動(dòng)IDC域名可視化管理系統(tǒng)為目標(biāo),對(duì)以下內(nèi)容進(jìn)行了研究: 論文首先對(duì)IDC域名可視化管理產(chǎn)生的背景和建設(shè)的意義進(jìn)行了介紹,并結(jié)合IDC實(shí)際情況提出了功能性需求;然后對(duì)IDC域名可視化管理關(guān)鍵技術(shù)進(jìn)行了介紹,分別為有源分光技術(shù)、域名提取技術(shù)、模式匹配算法以及域名攔截技術(shù);對(duì)IDC域名可視化的系統(tǒng)設(shè)計(jì)進(jìn)行了介紹,從域名收集及預(yù)處理、智能決策引擎、邏輯處理層,講到展現(xiàn)層、外部接口;對(duì)IDC域名可視化管理系統(tǒng)部署的方式進(jìn)行了實(shí)戰(zhàn)研究,從最大化系統(tǒng)覆蓋和最小化業(yè)務(wù)影響兩個(gè)維度,選取最優(yōu)點(diǎn)位完成了系統(tǒng)部署,并使用異常流量監(jiān)控、異常流量清洗系統(tǒng)加強(qiáng)了域名可視化管理系統(tǒng)應(yīng)對(duì)互聯(lián)網(wǎng)安全威脅的能力;論文在最后介紹了IDC域名可視化管理系統(tǒng)的測(cè)試過(guò)程,以域名備案狀態(tài)查詢的準(zhǔn)確率,以及根據(jù)域名狀態(tài)執(zhí)行規(guī)則的成功率兩個(gè)方向入手,對(duì)系統(tǒng)功能進(jìn)行嚴(yán)格測(cè)試,,通過(guò)測(cè)試結(jié)果對(duì)系統(tǒng)性能有了充分的了解。 通過(guò)以上的實(shí)際研究,結(jié)合工信部要求和IDC實(shí)際需求,完成了IDC域名可視化管理系統(tǒng)的設(shè)計(jì)和建設(shè)。系統(tǒng)已應(yīng)用到日常實(shí)際生產(chǎn)和管理工作中去了,在上海移動(dòng)IDC域名管理工作中發(fā)揮了積極的作用。
[Abstract]:The Internet is full of content information provided by Content Provider, or CP, which is hosted in Internet Data Center, or IDC room in the form of a website. Each website is composed of a primary domain name and a number of sub-domain names, each of which is composed of a primary domain name and a number of sub-domain names. A large number of criminal and illegal content, the use of management loopholes exist in these domain names, causing serious harm to the society. During the 2009 Internet rectification campaign in our country, the Ministry of Industry and Information Technology of the people's Republic of China, that is, the Ministry of Industry and Information Technology, put forward measures for the management of the real-name system of domain names, requiring all operators to strictly implement the "filing first, then access". Docking domain names strictly enforce the "who access, who is responsible" management system. In order to meet the requirements of the Ministry of Industry and Information Technology (MIIT) for domain name management, Shanghai Mobile started the special work of IDC domain name visualization management at the same time, and studied the establishment of IDC domain name visualization management system. The system uses advanced domain name automatic identification, management, analysis and control technology to greatly improve the level of IDC domain name management, block the access to illegal sites, and thus avoid the crime and illegal events caused by oversight and oversight. Aiming at the design and construction of Shanghai Mobile IDC Domain name Visualization Management system, this paper studies the following contents: firstly, this paper introduces the background and significance of IDC Domain name Visualization Management. Combined with the actual situation of IDC, the functional requirements are put forward. Then the key technologies of IDC domain name visualization management are introduced, which are active spectral technology, domain name extraction technology, pattern matching algorithm and domain name interception technology. This paper introduces the system design of IDC domain name visualization, including domain name collection and preprocessing, intelligent decision engine, logic processing layer, presentation layer and external interface. The way of deploying IDC domain name visualization management system is studied. From the two dimensions of maximizing system coverage and minimizing business impact, the optimal point is selected to complete the deployment of the system, and abnormal traffic is used to monitor and control the system. Abnormal flow cleaning system strengthens the ability of domain name visualization management system to deal with Internet security threats; In the end, the paper introduces the testing process of the IDC domain name visualization management system. Based on the accuracy of the domain name record status query and the success rate of the domain name status execution rules, the function of the system is tested strictly. The performance of the system is fully understood by the test results. Through the above research, combined with the requirements of the Ministry of Industry and Information Technology and the actual requirements of IDC, completed the design and construction of the IDC domain name visualization management system. The system has been applied to daily production and management, and has played an active role in the domain name management of Shanghai Mobile IDC.
【學(xué)位授予單位】:上海交通大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類號(hào)】:TP393.07
本文編號(hào):2433894
[Abstract]:The Internet is full of content information provided by Content Provider, or CP, which is hosted in Internet Data Center, or IDC room in the form of a website. Each website is composed of a primary domain name and a number of sub-domain names, each of which is composed of a primary domain name and a number of sub-domain names. A large number of criminal and illegal content, the use of management loopholes exist in these domain names, causing serious harm to the society. During the 2009 Internet rectification campaign in our country, the Ministry of Industry and Information Technology of the people's Republic of China, that is, the Ministry of Industry and Information Technology, put forward measures for the management of the real-name system of domain names, requiring all operators to strictly implement the "filing first, then access". Docking domain names strictly enforce the "who access, who is responsible" management system. In order to meet the requirements of the Ministry of Industry and Information Technology (MIIT) for domain name management, Shanghai Mobile started the special work of IDC domain name visualization management at the same time, and studied the establishment of IDC domain name visualization management system. The system uses advanced domain name automatic identification, management, analysis and control technology to greatly improve the level of IDC domain name management, block the access to illegal sites, and thus avoid the crime and illegal events caused by oversight and oversight. Aiming at the design and construction of Shanghai Mobile IDC Domain name Visualization Management system, this paper studies the following contents: firstly, this paper introduces the background and significance of IDC Domain name Visualization Management. Combined with the actual situation of IDC, the functional requirements are put forward. Then the key technologies of IDC domain name visualization management are introduced, which are active spectral technology, domain name extraction technology, pattern matching algorithm and domain name interception technology. This paper introduces the system design of IDC domain name visualization, including domain name collection and preprocessing, intelligent decision engine, logic processing layer, presentation layer and external interface. The way of deploying IDC domain name visualization management system is studied. From the two dimensions of maximizing system coverage and minimizing business impact, the optimal point is selected to complete the deployment of the system, and abnormal traffic is used to monitor and control the system. Abnormal flow cleaning system strengthens the ability of domain name visualization management system to deal with Internet security threats; In the end, the paper introduces the testing process of the IDC domain name visualization management system. Based on the accuracy of the domain name record status query and the success rate of the domain name status execution rules, the function of the system is tested strictly. The performance of the system is fully understood by the test results. Through the above research, combined with the requirements of the Ministry of Industry and Information Technology and the actual requirements of IDC, completed the design and construction of the IDC domain name visualization management system. The system has been applied to daily production and management, and has played an active role in the domain name management of Shanghai Mobile IDC.
【學(xué)位授予單位】:上海交通大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類號(hào)】:TP393.07
【參考文獻(xiàn)】
相關(guān)期刊論文 前1條
1 白斌;;網(wǎng)絡(luò)安全中的TCP欺騙的研究[J];計(jì)算機(jī)與信息技術(shù);2008年10期
本文編號(hào):2433894
本文鏈接:http://sikaile.net/guanlilunwen/ydhl/2433894.html
最近更新
教材專著
