| With the development of network, more and more enterprises have their ownIntranet that it connects with the Internet. The popularization of network affordfacilities for people's daily life and work, at the same time, it also bring a newproblem, which supply the convenience of leaking the technologies and businesssecret from the network.The network security issues often happen to us, which let many people focus onthe network security. Now, many research institution and companies work andresearch on the network security, and some products were made. These productsmainly belong to Anti-virus software,Firewall and IDS。But Anti-virus software,Firewall and IDS do little on preventing the behavior of leaking secret from networkand gaining the proofs of leaking secret from network, because this need audit thecontent of network information. The network information audit and monitor systembased on packet content do well on this problem, which audit packet content withsome keywords which were imported by the user in advance to find the suspectinformation.In this paper, we firstly analyzed the root of security issues, which let us knowthe essentiality of the information audit system. Secondly, we studied the prototype ofthe information audit system, which let us know the process of the information auditsystem. Thirdly, we studied the technologies that were used in auditing networkinformation, and summed up the implementation of the network information system,and analyzed the idea of the implementation, the character of the implementation andthe network environment where the implementation is appropriate. Then weresearched three relative technologies of the network information auditsystem—packet capturing, TCP/IP and pattern matching algorithm, and usedWinPcap as an example to analyze the bottleneck of software-based packet capturing.Later we simplified the complexity of the Boyer-Moore algorithm after analyzing thefactual thing of the project. At last, we designed and implemented the network... |
PDF Full Text Request