Research on High-Speed E-mail Monitoring and Auditing (cited by: 5)

Gigabit E-mail monitoring and auditing research


Authors: Wu Gang (吴刚)[1], Wang Xuren (王旭仁)[1], Zhang Xinjie (张信杰)[1]

Affiliation: [1] College of Information Engineering, Capital Normal University, Beijing 100048

Source: Computer Engineering and Design (《计算机工程与设计》), 2010, No. 6, pp. 1195-1197, 1201 (4 pages)

Funding: Beijing Science and Technology Development General Fund Project (KM200710028017); Beijing Science and Technology Nova Fund Project (20070B61)

Abstract: To meet the demand for e-mail monitoring on enterprise-level high-speed networks, an e-mail monitoring and auditing scheme based on memory mapping and an improved libnids framework is presented. First, the original mail data are efficiently captured and stored by improving the core of the libnids library and by using user-level caching and memory-mapped file techniques, which reduce I/O overhead. Second, the mail protocols are analyzed in depth, and the captured data are simplified, encapsulated into MIME format and restored using multithreading. Finally, the restored e-mail contents are audited with a multi-pattern matching algorithm based on Wu_Manber, and a powerful audit report is generated. Test results show that the system can provide enterprise management departments with an efficient e-mail monitoring tool.

Keywords: e-mail auditing; libnids library; multithreading; finite state automaton; pattern matching

Classification number: TP309 [Automation and Computer Technology - Computer System Architecture]
