Research And Implementation Of Content-based Information Anti-Leakage System In LAN

In recent years, the on-line leakage of information emerged in endlessly, which has created the heavy loss for the country and the army. In order to protect the information security, to carry on the monitoring to on-line information is one essential method. Through statistical analysis of the accidents, we found that more than 95% of accidents are related to electronic documents, therefore enhancing the monitor on on-line electronic document for Information Anti-Leakage is very important.In this paper, Content-based Information Anti-Leakage System in LAN designed by us is a network information monitoring system, which can distinguish electronic documents that contain sensitive information and records relevant data, through capture and analysis network packet and classify text Based on content.Firstly, based on researching the information filtering model, we design the framework of Anti-Leakage System in LAN, which consists of three modules, Module of Packet capturing, Module of Packet detection and document extraction, Module of document audit based on content.Secondly, we have chosen the appropriate plan to operate, by analyze the core technologies involved in our system. The main procedure includes: Based on studying WinPcap, the module of data packet capturing has been designed and implemented, proposing the solution for the problem of packet dropped in LAN by increasing buffer storage. Based on deep analysis of the format of MS Office document and single patterns string matching algorithm, we find characteristic codes and the way to calculate the length of document. Meanwhile, we have proposed a more efficient BMGS algorithm by enlarging the distance the pattern string of BM algorithm moved. On this basis, we design and realize detection to document base on key words and document extraction from packets. Based on research algorithMS of text classification, we decided using Naive Bayesian algorithm to establish the text classifier, at the same time, considering the object the system must achieve, we have designed a new model for text classifier to use the least risk Bayesian to revise the classifier.Taking MS Office documents monitoring as a goal, a prototype of Anti-Leakage system in LAN has been done. And the results have demonstrated that the architecture and core algorithm of the prototype system can work well. By analyzing the performance and efficiency of the prototype system, the preliminary results are showed as follows: the prototype system does well in document capture and secret involved document filter. And it shows stable performance and greater advantage, which meets the demands that 100M LAN asks for the MS Office document monitoring.