A Distributed Monitoring System Research And Implementation Of Online Behavior

The number of internet users has reached to5.13hundred million in2012. Theinternet has entered into all fields. Browsing news, emails and chatting online are usualto most people. Though the Internet brings great convenience to normal life, the harmfulinformation that grows sharply enters into the net. Some information such as eroticism,reactionary opinion and fraud cause huge losses. A number of schemes have been putforward. Most of these schemes adopt centralized administrative methods, which cannot endure the increasing and complicated of internet. For this reason, a new model ofdistributed monitoring system is significance.According to the need of analysis in network monitoring, we design a newarchitecture of distributed internet behavior monitoring system. The framework isdesigned at three different levels, node, area and system. Node is an independentmonitoring system. It can monitor a small network. Meanwhile, analyze and store dataare possible in the node. Area consists of nodes. The filter rule among nodes is same.The system consists of finite nodes or areas. The monitoring system with thisarchitecture is robust and has good expansibility. The need of network monitoring ismeeted well.For the sake of improving robustness, a new method of cooperation among nodes isgiven. Once one node discovers suspicious information, it will send message to theother nodes peer to peer in the same area, but not notify through the control center. Thismethod can lower the degree of coupling between nodes and control center. Datastorage combines distributed storage, centralized management and centralized storage.This can ensure the security of data and avoid the overload of central nodes.Thesis introduces how to get the orginal data of HTTP, QQ, POP3, SMTP and FTP.And use Naive Bayes to analysis these information. A mechanism between contentanalyze system and iptables is established to better the intelligence system to a higherdegree.At last thesis introduces the implementation of the internet behavior monitoringsystem. To each module, the function is described from different aspects like data structure and algorithm process. A detailed testing is carried out. Test result is given.