| Our country has already worked out pertinent laws and statutes to keep watch and stop various crimes which spread harmful information through the Internet, so as to keep the Internet more healthy and positive. Current network information monitoring system is insufficient in high-speed packets capture and massive alert analysis, so there is an urgent demand for new system to monitor the high-speed network.What this thesis presents is a design plan of network information monitoring system based on platform of WAN, on the basis of which the thesis focuses on the study and implement of the network probe. As a front note, probe plays an important role in the system, its main function is to capture and analyze data, and send the relevant information to the centre as well. The probe realizes the respective function according to the protocol, while the application of zero-copy technology and the optimization of programming code improve the overall function of which on a certain degree. The key factors affecting the performance of the probe, such as capturing and filtering of network data, protocol analysis, multi-keywords matching, are analyzed in detail and some means of realization are given.The system adopts both C/S mode, which can filter and analyze the large amount of data, restore and group the harmful information, and carry out different alarming or responding according to the monitoring and analyzing tactics which the user defines. It can carry out effective control to illegal Internet services and websites, and provide reliable and cogent electrical evidences to strike the crime done by computer network. The system will receive broad application and have a bright future in the field of network information monitoring. |
PDF Full Text Request