跳到主要內容

臺灣博碩士論文加值系統

(18.97.9.168) 您好!臺灣時間:2024/12/05 23:32
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:曹祥彬
研究生(外文):Shang-Bin Tsao
論文名稱:建構快速資料庫查詢語言截取架構與實施
論文名稱(外文):An Architecture for Fast SQL Capturing System and Its Implementation
指導教授:李維斌李維斌引用關係
指導教授(外文):Wei-Bin Lee
學位類別:碩士
校院名稱:逢甲大學
系所名稱:資訊工程所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2002
畢業學年度:90
語文別:中文
論文頁數:48
中文關鍵詞:入侵偵測結構化查詢語言資料挖掘資料倉儲快照字組雜湊函數
外文關鍵詞:Intrusion DetectSQLData MiningData Warehou
相關次數:
  • 被引用被引用:3
  • 點閱點閱:246
  • 評分評分:
  • 下載下載:40
  • 收藏至我的研究室書目清單書目收藏:2
電子商務盛行的環境下,公司內部的資料皆可透過網際網路來存取,這方便性卻引來駭客對於商業機密的高度覬覦,因此更顯出資料庫安全的重要性。然而一般性的入侵偵測系統用在資料庫入侵偵測時,所收集到的資料中大部分皆為二進制機器碼,在與入侵之指令及資料做樣式(Pattern)比對時,由於龐大的資料量常常造成系統的負擔,更造成無法即時判斷入侵行為及發生常態性的誤判等情況。更何況, 龐雜的資料亦容易造成大量的假入侵行為樣式,然而眾多的入侵行為樣式卻又無法由單一入侵偵測技術所涵蓋,所以一般性的入侵偵測系統,都需要由資訊安全專家來判斷是否為入侵行為樣式,並隨時更新判別知識庫。追究其原因,不外乎是一般入侵偵測系統所收集到的資料皆為極難以辨識的二進制執行碼所造成,因此在本篇文章中我們將針對上述缺失,提出一根本解決方案-即建構一個應用於資料庫入侵偵測之快速資料庫查詢語言截取架構,首先我們由快照(Snapshot)方式來篩選出真正需要判別的樣式,以減少系統所需處理的資料量,有了資料庫查詢語言(SQL)原始程式碼後,若為可疑程式樣式時則交由程式設計人員來判斷是否為入侵,而不需要資訊安全專家的幫助,除此之外我們更進一步描繪出一完整的可調式即時資料庫入侵架構來解決上述問題點。未來亦應可再由規則產生模組如資料挖掘、模糊系統及統計分析等方法來做離線分析,進而產生入侵樣式及入侵規則,為了提昇偵測效率應可利用雜湊函數(Hash Function)技巧來把入侵樣式及規則轉換成字組(Code Word)載入記憶體中做即時判斷,以增快入侵偵測處理速度並提高系統偵測的正確性來確保資料庫系統的安全。
In the e-business environment, business information is stored in company database and assessed through the Internet. This feature is convenient for intended users, but it has attracted hackers who attack highly confidential information in organizations. Therefore, it has become a very important issue in assuring the security of the database. However, when applying a regular intrusion detection system, most data collected was binary machine code. When matching legal command pattern and data with this extremely unintelligible binary code, huge data often burdens the system, unable to detect intrusion behavior in real time, and creates regularly incorrect detections. Moreover, no single intrusion detection technique is capable of monitoring all types of intrusions. Thus, it relies heavily on information security specialists to determine the pattern of attack behavior, and to update the intrusion knowledge base when employing a regular intrusion detection system. In this paper we propose a complete solution concerning this deficiency, that is, to establish an capturing fast database query language architecture which can be applied to database intrusion detection. First, we apply snapshot to filter out inspection patterns that need to be checked further, to reduce the amount of collected data through the system. After having orginal system query language codes, programmers will examine any suspect pattern to determine whether attacks have occured without any assistance from information security specialists. Furthermore, we further draw a complete adaptive real time database intrusion detection architecture to solve above problems. Next we implement production rule modules such as data mining, fuzzy system and statistic analysis to conduct offline analysis to produce intrusion patterns and intrusion rules. In order to increase our intrusion efficiency, we can apply Hash Function technique to convert intrusion patterns and rules into code words which are loaded into memory to conduct detection in real time, therefore, increasing the speed and accuracy of detection and assuring the security of the database system.
第1章 導論1
1.1 研究背景1
1.2 研究動機2
1.3 研究目的4
1.4 研究範圍與限制5
1.5 本文貢獻5
1.6 論文架構6
第 2章 文獻研究8
2.1 入侵偵測8
2.1.1 誤用偵測10
2.1.2 異常偵測10
2.2 資料收集與整理11
2.2.1 資料倉儲13
2.2.2 線上分析處理14
2.3入侵偵測方法14
2.3.1規則比對法15
2.3.2 資料挖掘法15
2.3.3 統計分析法17
2.3.4 類神經網路法18
2.3.5 模糊系統法20
2.3.6 有限機法22
2.3.7 基因演算法23
2.3.8 自我組織圖法24
2.3.9 模擬法(Simulation)25
2.3.10人工判別法25
2.3.11入侵偵測方法適用時機比較25
第 3章 系統架構28
3.1 訓練模式31
3.1.1 資料收集轉換31
3.1.2 資料儲存32
3.1.3 資料檢視33
3.1.4 規則產生33
3.2 偵測模式33
第 4章 實驗結果與討論35
4.1 實驗環境35
4.2 實驗方法及結果36
4.3 實驗討論37
第 5章 結論與未來發展38
參考文獻39
感 謝 詞41
作者簡介42
[1] J. P. Anderson. Computer Security Threat Monitoring and Surveillance. Technical report, James P Anderson Co., For Washington, Pennsylvania, April 1980.[2] Midori ASAKA, Takefumi ONABUTA, Tadashi INOUE, Shunji OKAZAWA and Shigeki GOTO “A New Intrusion Detection Method Based on Discriminant Analysis.” IEICE TRANS.INF.&SYST.,VOL.E84-D,NO.5 MAY 2001.[3] Rebecca Gurley Bace “Intrusion Detection “ Pearson Higher Education Published; ISBN: 1578701856; 1st edition December 21, 1999.[4] Christina Yip Chung, Michael Gertz and Karl Levitt “DEMIDS: A Misuse Detection System for Database Systems” IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control in Information Systems, 1999.[5] J. E. Dickerson and J. A. Dickerson, “Fuzzy Network Profiling for Intrusion Detection,” in Proc. of Fuzzy Information Processing Society, 2000.[6] Terry Escamalla, “Intrusion Detection : Network Security beyond the firewall”, John Wiley and Sons Inc, New York, USA, 1998.[7] Susan C. Lee and David V. Heinbuch ”Training a Neural-Network Based Intrusion Detector to Recognize Novel Attacks” IEEE TRANSACTIONS ON SYSTEMS. MAN, AND CYBERNETICS-PART A:SYSTEMS AND HUMANS.VOL 31, NO.4, JULY 2001.[8] R. Heady, G. Luger, A. Maccabe, and M. Servilla. The Architecture of a Network Level Intrusion Detection System. Technical report, Department of Computer Science, University of New Mexico, Auguest 1990.[9] S. Jha ,K. Tan, and R.A. Maxion “Markov Chains, Classifiers, and Intrusion Detection” IEEE Symposium on Security and privacy May 13-16, 2001.[10] J. Kim and P.Bentley “Negative Selection within an Artificial Immune System for Network Intrusion Detection”, the 14th Annial Fall Symposium of the Korean Information Processing Society, Seoul,Korea 2000.[11] Wenke Lee. Sal Stolfo and Kui Mok. “A Data Mining Framework for Building Intrusion Detection Models.” IEEE Symposium on Security and Privacy,1999.[12] Wenke Lee. Sal Stolfo and Philip K. Chan “Real Time Data Mining-based Intrusion Detection” IEEE Symposium on Security and Privacy, 2001.[13] Matthew G.Schultz , Eleazar Eskin and Erez Zadok “Data Mining Methods for Detection of New Malicious Executables.” IEEE Symposium on Security and Privacy,1Oakland CA, May 2001.[14] Biges. S. and R. Vaughn. “Intrusion detection via fuzzy data mining.” In proceedings of the 12th annual Canadian information technology security symposium held in Ottawa, June, 2000, by Communications Security Establishment, 111 — 121.[15] R. Sekar, M. Bendre, D. Dhurjati, and P. Bollineni “A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors” IEEE Symposium on Security and privacy May 13-16, 2001.[16] 黃曼玲 “資料倉儲系統中實體化視域選取之研究” 逢甲大學資訊工程學系碩士班碩士論文,2001年6月.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊