| The application of computer network has penetrated into every aspect of our society, andhas brought great convenience. But the Internet is an open system, its variability, heterogeneityand dynamic characteristic made the Internet exist many security hidden trouble. System basedon Web application has been widely applied to various enterprises and institutions, illegalbehavior through intranet are frequently happened. So network security problem is a projectthat cat not be ignored.The existing research results in network security include: firewalls、intrusion detection、information encryption、access control and so on. These researches can help the enterprise toresist the external threat, but cannot effectively deal with network security problems such asInformation theft, unauthorized access to information resources and other issues. For thisproblem, this thesis combines the statistical results of user network flow and record monitoringfunction implemented by a browser helper objects (BHO) plug-in, present a method for trackingsuspicious users based on web data analysis, which used the client side/server mode. Doingstatistical analysis and data mining to internet flow and IP log of users, the system can identifyoutliers as suspicious users, and tracking browsing behavior of them. The client internet dataare recorded by BHO and stored on the server, when necessary, we can select user browsinghistory data from the server data files for playback. This method can actually represent theInternet behavior, so as to achieve the purpose of tracking the suspicious user. Meanwhile, themethod proposed is able to monitor abnormal flow and regularly check and discover suspicioususers in the intranet network. Therefore, it prevents the network from damage, and thus ensurehealthy security network environment. |
PDF Full Text Request