CAJ | 학술논문

随着计算机的广泛应用以及互联网的飞速发展，互联网流量呈现爆炸式增长的态势。为了应对日益严重的网络滥用以及网络安全事件，出于安全取证的需要，必须对互联网流量进行收集、存储和分析。互联网流量的监控需要及时统计网络流量的源地址、目的地址、源端口、目的端口、协议、时间戳等信息，以便进行流量统计和综合分析。但是网络流量信息是海量的，如何快速检索相关流量是一个挑战性问题。在搜索引擎中，为了处理海量数据检索，倒排索引是快速搜索技术的关键方法。文章把搜索引擎中的倒排索引方法和索引压缩算法应用到互联网网流信息检索中。通过实验测试和验证，在网流信息检索中，倒排索引以及索引压缩算法能够有效提高检索速度。
수착계산궤적엄범응용이급호련망적비속발전，호련망류량정현폭작식증장적태세。위료응대일익엄중적망락람용이급망락안전사건，출우안전취증적수요，필수대호련망류량진행수집、존저화분석。호련망류량적감공수요급시통계망락류량적원지지、목적지지、원단구、목적단구、협의、시간착등신식，이편진행류량통계화종합분석。단시망락류량신식시해량적，여하쾌속검색상관류량시일개도전성문제。재수색인경중，위료처리해량수거검색，도배색인시쾌속수색기술적관건방법。문장파수색인경중적도배색인방법화색인압축산법응용도호련망망류신식검색중。통과실험측시화험증，재망류신식검색중，도배색인이급색인압축산법능구유효제고검색속도。
Nowadays, with the pervasive usage of computer and Internet, the amount of Internet traffic is increasing dramatically. Traffic monitor is essential in network security and traffic forensic analysis. To monitor the flow, we are able to record the flow information of traffic, such as source IP, destination IP, source Port, destination Port, Protocol field, and timestamp etc. With this information, one can collect the statistics of traffic and conduct further analysis of attack pattern etc. However, the amount of flow information increases very fast. Searching a specified IP address could be low efficiency if we do not index flow information completely. As we know, inverted index is the key method of a practical search engine. Thus, this paper applies the idea of inverted index and index compress algorithm to the net flow information retrieval. After the analysis and experiment, the result shows that inverted index method is feasible in flow information retrieval and can improve the query performance as expected.