| Based on the APA platform presented by Golden Eagle International Group Software System Limited Company, this paper concentrates on the key operation domain, designs one security audit monitor system model. The model integrates one backup-restore and data mining module for the data of security audit. By software and duplicated fault tolerance backup strategies, the backup-restore module ensures the security and reliability of system, and supports other modules well. According to the characteristic of key operation, the data mining module implements association and anomaly analysis in the analyzers after data cleaning and data classification, and improves the self-adaptability of system by pattern mining and knowledge updating.In the application example of the model, a double monitor system platform is implemented, it monitors from two different views of operation screen of terminals-monitored and operation network packets, and implements a searching and locating module aiming at two different collecting data. The searching module provides a keyword searching algorithm about one dynamic character data of the operation picture, and improves the algorithm from getting string and choosing appropriate string matching algorithm. The locating module associates the two collecting data by localizer, which reappears the trade process of the terminals by focused operation data.Both the rationality and practicability of the model are proved by the application examples, and for the mass data of security audit, the model resolves effectively the problems of data-management and anomaly-discovery. At present the system based on the model has been applied successfully in some bank institutions. |
PDF Full Text Request