由於網際網路聯網應用普及網路使用快速成長,藉由網路產生的新興犯罪行為亦不斷增加。「通訊監察(Lawful Interception, LI)」(俗稱「監聽」)之概念,指國家基於犯罪偵查或國家安全所需,依法對人民有私密性期待之通訊予以攔截、開拆、讀取的強制處分。 本論文基於通訊監察之精神,使用Java語言開發了一套用於網際網路上的監聽系統,針對所在的網路環境下,攔截此環境內的網路封包,解析此區域的網路活動,並讀取封包內容做檔案重建之動作,更能有效及快速達到通訊監察之效用。 本系統針對網路使用者較常使用之網路協定(如:VoIP、HTTP及FTP)做分析及重建,並將一些較為複雜的處理動作及運算過程 (如VoIP中SIP通話記錄分類、RTP解碼),設計一套具雲端概念之系統架構,有效的解決Local端的負擔,並更有效的完成任務。最後能將使用者使用網路電話之對話記錄、HTTP網頁瀏覽、FTP檔案傳輸等等網路活動一一分析、重建及記錄。
With Internet applications getting ubiquitous and the number of Internet users increase, Internet crime rate is on the rise, too. Monitoring the Internet traffic may prevent illegal events in advance, from the viewpoint of reducing crime rate. Lawful Interception is a concept stemmed from the need for legal monitoring, interception, or access of an individual’s private communications on the basis of criminal investigation or national security. According to the need of lawful interception, this thesis designs a software system with the purpose of Internet monitoring. It captures and analyzes network packets to observe network users’ activity, as well as records and reconstructs data from the captured packets for faster and more effective practice of lawful interception. The design focuses on three commonly used network applications: Voice-over-IP based upon Session Initiation Protocol, web access based upon Hyper Text Transfer Protocol, and file transfer service based upon File Transfer Protocol. Leveraging the concept of cloud computing, the system offloads complex and computation-intensive work such as classifying SIP signaling in VoIP and the decoding of voice payloads to a cloud server, which effectively reduces the workload at the local end. The presented system is not only to record and reconstruct the data on the network, but also to analyze and interrogate the users’ behavior under specified conditions. The functionalities have been verified through intensive burn-in and pressure test as well.