【正文】 (b) Individual Model Builder that uses the student behaviormodel to make the necessary changes in both the student knowledge and the studentpreference model。 (4) Student Knowledge the student’s level of understanding of domain concepts. An overlay approach is used where each concept is associated with a measurement of the student’s knowledge status in relation to that concept. The putation of this status is based on certainty factor and fuzzy set theories [11]. For each concept c, two fuzzy values are calculated: measure of Belief, MB(c) and Measure of Disbelief, MD(c) that the student understands c. The algorithm for calculating MB(c) and MD(c) considers the time spent on the learning objects and the correctness of the answers to assessment quizzes, the fuzzy equations used are give in [7]. A Certainty Factor is calculated as CF(c) = MB(c) MD(c) to represent the student39。s learning interactions, such as the sessions the student has gone through and detailed information of his/her activities。 in their learning, the teachers in WBDE need to have good understanding of what is happening in distance classes. WCMS collect rich tracking data about the students’ activities, but this data is rarely used by teachers due to its plexity and poor structure. We have developed a Teacher ADVisor (TADV) framework [6] which uses WCMS tracking data to build fuzzy student, group and class models, based on which appropriate advice is generated to facilitators. The TADV mechanism for fuzzy student modeling is presented elsewhere, see [7]. This paper focuses on the use of student, group, and class models to generate appropriate advice to teachers.This paper will briefly introduce TADV (Section 2). We will then outline, in Section 3, the structure of the student, group, and class models, and will describe, in Section 4, how these models are used for advice generation. Section 5 will present a prototype of TADV that was used in an empirical evaluation with real users, results of which will be sketched out in Section 6. Finally, in the conclusions, we will point out the contribution of our work to student modeling and intelligent WCMS.2 Brief Overview of TADV TADV is a puterbased advice generating framework designed to deliver advice to facilitators in a WBDE environment developed in WCMS platforms.TADV consists of two parts (see ). PARTI represents the conventional structure of a course developed in WCMS. The course designers are responsible for preparing the course material incorporated in the Domain Knowledge Base (DKB). TADV considers the mon way a course is designed with a WCMS, . a course is defined in a hierarchical way and divided into a set of lessons, where each lesson is deposed into a set of concepts that prise the knowledge building blocks. Each concept is illustrated by learning objects (HTML pages, presentations, etc.), assessment quizzes, and munication activities. The student tracking data that WCMS collects throughout the course is stored in a Student Database (SDB) – the main source for student, group and class modeling. PARTII is an extension to WCMS to model students and generate advice. Domain MetaKnowledge (DMK) is a layer upon DKB that describes the course material and how the domain concepts are related. TADV uses concept maps to represent relations between domain concepts in a hierarchical structure. Student Models (SM) represent the knowledge of individual students and their munication styles. Group Models (GM) and Class Model (CM) are derived from individual SM to represent information about specific groups of students and the whole class. Student Model Builder (SMB) is a module that analyzes the information supplied by the WCMS and builds SM, GM, and CM. Student modeling capabilities are briefly described in Section 3。希望在以后的學(xué)習(xí)和工作中可以繼續(xù)研究這個(gè)課題。（3） 采取更加有效率的匹配方式，提高系統(tǒng)的工作效率。本系統(tǒng)的不足主要有如下幾點(diǎn)：（1） 隨著工作負(fù)荷的不斷加大，系統(tǒng)可能會(huì)出現(xiàn)數(shù)據(jù)包的丟失。（10）對(duì)系統(tǒng)的各個(gè)模塊進(jìn)行的測(cè)試。（7）URL地址和數(shù)據(jù)庫(kù)的黑名單進(jìn)行網(wǎng)址匹配（8）對(duì)非法網(wǎng)址予以攔截，并跳轉(zhuǎn)至管理員預(yù)先設(shè)置好的頁(yè)面。（5）把網(wǎng)卡設(shè)置為混雜模式，獲取經(jīng)過網(wǎng)卡的所有幀。（3）跟據(jù)項(xiàng)目的可行性，寫出需求分析報(bào)告。這篇論文主要的任務(wù)有如下幾個(gè)：（1）深入了解課題的研究背景以及研究的迫切性。因此說，這次畢業(yè)設(shè)計(jì)，我從中學(xué)到了不少的東西，甚至有一些是我終生受益匪淺的。本文重點(diǎn)闡述了web訪問監(jiān)控系統(tǒng)的設(shè)計(jì)與實(shí)現(xiàn)，主要分為網(wǎng)絡(luò)監(jiān)聽模塊、攔截策略模塊、IP包過濾和網(wǎng)址匹配等模塊。因此基于旁路的web訪問監(jiān)控系統(tǒng)就十分有必要替代傳統(tǒng)的防火墻，擔(dān)當(dāng)起網(wǎng)絡(luò)衛(wèi)士的職責(zé)。而之前的防火墻那種過濾非法網(wǎng)站的方法在如今網(wǎng)民數(shù)量急速上升、網(wǎng)絡(luò)速度要求越來(lái)越高的大環(huán)境下顯得有些力不從心。同時(shí)將這個(gè)網(wǎng)址發(fā)送到數(shù)據(jù)庫(kù)的白名單中，等這個(gè)用戶下次訪問的時(shí)候就可以不被阻止而直接訪問。 FTP工作過程這個(gè)模塊在消息服務(wù)器上運(yùn)行，當(dāng)發(fā)現(xiàn)瀏覽器要訪問非法網(wǎng)站時(shí)，網(wǎng)頁(yè)攔截模塊把瀏覽器的訪問請(qǐng)求重定向到管理員提前設(shè)置好的網(wǎng)頁(yè)上，這個(gè)模塊的作用就是告知用戶，他所要訪問的網(wǎng)頁(yè)是不被允許的。QIUT:代表即將和服務(wù)器發(fā)生斷開連接。PASV:采取被動(dòng)的模式。更新時(shí)需要用的一些指令：USER:代表USER字段緊接著的是用戶名。 數(shù)據(jù)庫(kù)的更新要用到FTP技術(shù)。數(shù)據(jù)更新模塊每過固定的一個(gè)時(shí)間就要與數(shù)據(jù)服務(wù)器完成核對(duì)是不是有新的網(wǎng)址需要拉進(jìn)到數(shù)據(jù)庫(kù)中。flag,sizeof(int)):接下來(lái)調(diào)用sendto()函數(shù)把已經(jīng)發(fā)送緩沖區(qū)的IP包發(fā)送到用戶瀏覽器。默認(rèn)的socket實(shí)例,tcp和ip首部是系統(tǒng)默認(rèn)情況下的,通過以下代碼，告知服務(wù)器由管理員自己填寫的tcp和ip首部：Int flag=1。 (2)填寫各層首部字段(3)發(fā)送IP包在各層首部字段都填寫完畢后，把他們安裝TCP/IP封裝按順序?qū)懙骄彌_層中。4xx:代表用戶出現(xiàn)的操作錯(cuò)誤,例如400代表服務(wù)器不能正常識(shí)別。2xx:代表成功,例如202代表請(qǐng)求雖然被接受，但是仍未處理。其中狀態(tài)碼有5種。上圖的第一行稱之為狀態(tài)行。正因?yàn)榫W(wǎng)頁(yè)攔截模塊在web服務(wù)器與用戶瀏覽器之間，所以攔截模塊能在用戶訪問非法網(wǎng)站之前就與用戶瀏覽器“握手”，及時(shí)的阻止用戶訪問非法網(wǎng)站。但是web監(jiān)測(cè)系統(tǒng)所要做的工作就是用其網(wǎng)絡(luò)監(jiān)聽模塊和IP包分析模塊，提取出URL地址時(shí)，發(fā)現(xiàn)這個(gè)地址是可疑的，網(wǎng)絡(luò)攔截模塊就要發(fā)揮作用了。它的原理是:如果員工或?qū)W生用瀏覽器輸入網(wǎng)址時(shí)，就把GET報(bào)文發(fā)向了web服務(wù)器。當(dāng)網(wǎng)址匹配模塊發(fā)現(xiàn)該網(wǎng)址為非法網(wǎng)址時(shí)，就將這個(gè)消息告知網(wǎng)頁(yè)攔截模塊，并要求它進(jìn)行攔截。(4)將URL以字符為單位循環(huán)左移一位。(2)將URL以字符為單位循環(huán)左移一位。然后進(jìn)行散列值計(jì)算,放到數(shù)組相應(yīng)位置的第2個(gè)比特位。最大程度的減少重復(fù)幾率,要在這個(gè)基礎(chǔ)上做一部分修改:多次計(jì)算字符串的散列值。retumx%0xl000000。istrlen(s)。x。哈希算法的C語(yǔ)言代碼:int51(ehar*s){unsignedintx,y:x=0。(2)把URL 4個(gè)字節(jié)一組,與x異或。因?yàn)閮?nèi)存中對(duì)各個(gè)數(shù)組的訪問都是可以隨機(jī)的，因此可以在O（1）時(shí)限內(nèi)完成，哈希算法可以做到提高工作效率的目的。其中重要的一點(diǎn)就是匹配速度要快。網(wǎng)址匹配模塊把提取出的URL地址與數(shù)據(jù)庫(kù)中的URL進(jìn)行匹配，如果匹配成功的話，就把這個(gè)匹配結(jié)果告知下一個(gè)模塊，對(duì)這個(gè)網(wǎng)址予以攔截。用戶加入采取這種方式瀏覽網(wǎng)站,直接在請(qǐng)求報(bào)文中實(shí)體主體以上部分不能獲取用戶所請(qǐng)求的網(wǎng)頁(yè)的URL地址。網(wǎng)頁(yè)代理的工作過程是這樣的: 它先是為用戶提供一個(gè)界面,大多數(shù)情況下,頁(yè)面都很簡(jiǎn)單,僅僅有1個(gè)記事本式的文本框,瀏覽器把要瀏覽網(wǎng)頁(yè)的URL地址輸入到這個(gè)文本框中，然后把這個(gè)文本框交給網(wǎng)頁(yè)代理的網(wǎng)站。它充當(dāng)了溝通用戶與不合法網(wǎng)站的紐帶。另一種是用戶直接輸入了某非法網(wǎng)頁(yè)的完整路徑,這種情況也需要用戶的具體訪問的文件名。一種是一個(gè)網(wǎng)站的一部分內(nèi)容時(shí)合法的另一部分內(nèi)容是不合法的。 大多數(shù)時(shí)候,想要要過濾掉某個(gè)非法網(wǎng)址,僅僅需要得到用戶所要訪問的網(wǎng)站域名地址就可以了,不一定要得到具體訪問某一個(gè)特定的文件下的內(nèi)容。(1) 處理GET報(bào)文當(dāng)我們要訪問,瀏覽器發(fā)送的請(qǐng)求報(bào)文格式如下:GET/HTTP/\r\nAeeePt:*/*\r\nAccePt一Language:zh一zh\\r\nHost:\r\n\r\n其中GET后面的U甩字段和HOST字段是含有網(wǎng)頁(yè)U肚信息的關(guān)鍵字段。HTTP請(qǐng)求報(bào)文格式如圖。沒有用的數(shù)據(jù)包采取舍棄的處理方式，這樣可以很大程度上減輕網(wǎng)址匹配模塊的工作量，使網(wǎng)址匹配模塊可以更加迅速的處理非法網(wǎng)址。由于獲取的數(shù)據(jù)可能有多種的類型，而我們只想要其中的一些