標題: 以串流為基礎具有交錯解壓縮與病毒掃瞄的郵件代理伺服器
A Stream-based Mail Proxy with Interleaved Decompression and Virus Scanning
作者: 陳思豪
Szu-Hao Chen
林盈達
資訊科學與工程研究所
關鍵字: 串流;分段;線上;即時;病毒;掃毒;代理伺服器;交錯;解壓縮;stream-based;segment;on-the-fly;virus;proxy;interleave;decompression
公開日期: 2004
摘要: 在閘道器或防火牆系統上防毒時有中央控管與提早擋下病毒等優點。但管理一群電腦時,傳統的先存下整個資料再處理的方法會有資源耗損太快的問題以及大量的檔案系統存取負荷。我們實作了一個以串流為基礎的郵件代理伺服器,它以交錯執行分析MIME、解碼、解壓縮、掃毒等步驟達到部分地處理郵件而不是先將整封存起來。在實作上,我們整合了一些開放源碼的套件,並且使用系統呼叫select將其實作成單一程序的多工伺服器。這個系統完全沒有存取檔案系統時的負荷,並且使用較少量的記憶體。我們的評測程式說明了在許多種的郵件上,我們的代理伺服器與先存檔再處理的代理伺服器(以AMaViS和postfix兩套件組成)比起來同時具有更好的速度與更少的系統資源使用率。在測試數據中我們發現我們的代理伺服器在沒有任何處理單純轉送封包的情況下比傳統儲存全部的方法快七倍;在有掃毒的情況下快三倍;在有掃毒且有解壓縮的情況下快兩倍。我們的系統在記憶體的使用上,不論該連線所傳送的資料大小,對單一連線皆維持一個定值,總使用量隨著連線數線性成長;但傳統的方法在儲存空間上與連線數與資料大小皆成正比。
Anti-virus systems nowadays might operate on access gateways for centralized management and early blocking viruses. When serving a group of computers, the traditional storage-based mechanism has the scalability problem due to its storage of mails under processing. This work designs a stream-based mail proxy which processes the mail segment by segment without the storage of the entire mail and interleaves the MIME parsing, decoding, decompression and virus scanning. We integrate and modify several existing open-source packages into the proxy and use the system call select to achieve single-process concurrency. The benchmarking reveals our proxy is seven times faster than in the storage-based mail proxy on simply forwarding, and three times faster on virus scanning, and twice faster on both virus scanning and decompression. Our proxy keeps constant memory consumption for each connection and works without disk storage while the disk usage of AMaViS is proportional to both the number of clients and the mail size.
URI: http://140.113.39.130/cdrfb3/record/nctu/#GT009223584
http://hdl.handle.net/11536/76634
Appears in Collections:Thesis


Files in This Item:

  1. 358401.pdf