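Graduate student: 詹純源
Graduate student (foreign-language name): Chun-Yuan Chan
Thesis title: Web Intrusion Detection System Based on Undirected Bayesian Networks (以無向性貝氏網路為基礎之網頁入侵偵測系統)
Thesis title (foreign language): Web Intrusion Detection Using Probabilistic Network with Undirected Links
Advisor: 施東河
Advisor (foreign-language name): Dong-Her Shih
Degree: Master's
Institution: National Yunlin University of Science and Technology (國立雲林科技大學)
Department: Master's Program, Department of Information Management
Discipline: Computer Science
Field: General Computer Science
Type of thesis: Academic thesis
Year of publication: 2003
Academic year of graduation: 91
Language: Chinese
Number of pages: 67
Chinese keywords: intrusion detection; web intrusion; undirected Bayesian network; Bayesian network
Foreign-language keywords: Intrusion Detection; Web Intrusion Detection; IDS; Bayesian Network; Undirected Bayesian Network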
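Network security and system security have long been concerns for many MIS personnel. As attack techniques and attack software advance and become easier to obtain, the security of networks and systems comes under threat again and again. With attack incidents occurring frequently, how to efficiently assess and audit the state of network security, and how to protect it, has become a pressing concern for many enterprises and IT personnel.

This thesis builds a web intrusion detection system based on the anomaly detection model, using a novel undirected Bayesian network. Traditionally, a Bayesian network consists of a directed acyclic graph and conditional probability tables, and uses prior probabilities to infer the likelihood of an outcome. This thesis adopts a novel undirected Bayesian network that replaces the conditional probability tables with joint probability tables and the directed acyclic graph with an undirected graph; this approach has performed well in other related research. This thesis uses the anomaly detection model: data on normal behavior is given to the undirected Bayesian network to train its structure and parameters, which are then used to detect possible anomalous behavior. Experiments confirm that the detection capability of this research is quite good.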
In this paper we apply a Bayesian probabilistic network to web intrusion detection through anomaly detection. A Bayesian network (BN), or probabilistic network, is a graphical model that can encode prior state distributions among dependent objects into its structure and probability distribution tables. The BN is used to learn long-term profiles of normal activities in web service log files, and to measure the deviation of observed activities from the normal profiles, which can be used to detect intruders. We adopt a new symmetric structure for Bayesian networks with undirected links between nodes. Traditionally, a BN supports only directed links between nodes. We adapt the BN by replacing directed links with undirected links and by using joint probability tables instead of conditional probability tables. Our experiments show that web intrusion detection using Bayesian networks is feasible.
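Chinese Abstract
English Abstract
Acknowledgements
Table of Contents
List of Tables
List of Figures
1. Introduction
1-1 Research Background
1-2 Research Motivation
1-3 Research Objectives
1-4 Research Limitations
1-5 Research Process
2. Literature Review
2-1 Introduction to Intrusion Detection Systems
2-2 Classification of Intrusion Detection Systems
2-2-1 Classification of Intrusion Detection Systems: By Application Environment
2-2-2 Classification of Intrusion Detection Systems: By Detection Method
2-3 Intrusion Detection Analysis Methods
2-4 Discussion of Intrusion Behavior
2-4-1 Common Website Intrusion Techniques
2-4-2 Discussion of Well-Known Attacks
2-5 Feature Selection
2-5-1 Apache Log File Format
2-5-2 Feature Extraction Used in the Analysis
2-6 Bayesian Probability and Bayesian Networks
2-6-1 Bayes' Theorem and Posterior Probability
2-6-2 Bayesian Classification
2-6-3 Bayesian Networks
2-6-4 Undirected Bayesian Networks
3. Research Framework
3-1 Basic Architecture
3-2 Data Sources
3-3 Variable Acquisition
3-3-1 Data Extraction
3-3-2 Data Filtering
3-3-3 Variable Selection
4. Experimental Design
4-1 Data Analysis and Processing
4-1-1 Raw Data Conversion
4-1-2 Data Encoding
4-1-3 Variable Correlation Analysis
4-1-4 Building the Bayesian Network Structure
4-1-5 Training the Bayesian Network Parameters
4-1-6 Inference from the Bayesian Network
5. Validation Results and Analysis
5-1 Cross-Validation
5-1-1 Cross-Validation Experiment 1
5-1-2 Cross-Validation Experiment 2
5-1-3 Cross-Validation Experiment 3
5-1-4 Cross-Validation Results
5-2 Real Attack Experiment
5-3 Malicious Email Detection
5-3-1 Malicious Email Data
5-3-2 Variable Reduction
5-3-3 Undirected Bayesian Network Training
5-3-4 Building the ROC Curve
5-3-5 Testing Unknown Malicious Emails
5-3-6 Conclusions on Malicious Email Detection
6. Conclusions and Future Recommendations
6-1 Research Limitations
6-2 Future Research Directions
6-2-1 Intrusion Detection Services
6-2-2 Algorithm Improvements
References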