| With the rapid development of computer and network, the file electronization and office internetization are continuously widespread. At the same time, the problem of file network-leakage has emerged gradually. It has casued huge economic loss, even impacedt the security of our nation. So, the analysis of file network-leakage prevention is significative.In view of the above circumstances, this paper controled the file network-leakage by analyzing the data-stream in and out through inner network. The main work of this paper is as follows:1. After analyzing the characteristic of data stream, which is double-direction, associated, structural, the concept of the attribute of data stream is defined. And feasibility of the file network-leakage prevention based on data stream analysis is discussed.2. A mechanism of avoiding file leakage based on analyzing the data stream is built. The access control model based on attributes is used in this mechanism. This mechanism can pick up the attributes of the data-stream by analyzing the data stream which flows in and out through inner network. Then use these attributes to control the file-leakage through network.3. Two key technologies of mechanism are researched:(1) Application-level protocol identification.Identifying the protocol of application layer is the base of implementing the mechanism of avoiding file leakage through network based on analyzing the data stream. The attribute information picked up during the identification process is an important foundation of control.(2) Matching for monitoring policies based on attributes of data stream.Mornitoring policys are established according to attributes of data stream. An improved multi-patterns matching algorithm called for A_AQR is presented for dealing with the problem of real-time matching between multiple policys and data-stream's attributes information.4. A prototype system of preventing file leakage based on data stream analysis is developed. The mechanism theory is applied and proved in this system. |
PDF Full Text Request