
National Digital Library of Theses and Dissertations in Taiwan

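Graduate student: 陳亮伸
Graduate student (English name): Liang-shen Chen
Thesis title: 基於先前連線統計所建立異常規則之網路入侵偵測系統
Thesis title (English): Network Intrusion Detection System Using Anomalous Rules Based on Previous Connection Statistics
Advisor: 歐陽彥杰
Advisor (English name): Yen-Chieh Ouyang
Degree: Master's
Institution: National Chung Hsing University
Department: Department of Electrical Engineering
Discipline: Engineering
Sub-discipline: Electrical and computer engineering
Thesis type: Academic thesis
Year of publication: 2008
Graduation academic year: 96
Language: Chinese
Number of pages: 52
Chinese keywords: network intrusion detection; positive listing; negative listing
English keywords: network intrusion detection; NIDS; misuse detection; anomaly detection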
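Most network intrusion detection systems (NIDS) use negative listing (misuse detection) to detect network intrusion behavior. The drawback is that a database for pattern matching must be built in beforehand, and because intrusion behaviors are so varied, it is hard to cover them all. The positive-listing approach (anomaly detection) builds the normal threshold for intrusion detection from instances of network behavior. Its advantages are that the large pattern-matching database need not be built in advance and that a baseline pattern best suited to each individual host environment can be established. This thesis uses fuzzy cognitive maps (FCM), the C4.5 decision tree, membership function building and data mining to classify and tabulate network behavior data and to establish a normal baseline, and with these techniques builds a positive-listing (anomaly rule) network intrusion detection system (NIDS).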
Most network intrusion detection systems (NIDS) use the misuse-detection method to detect network intrusion behaviors. This method requires a large amount of built-in data for pattern comparison, and it still cannot classify every pattern detected on the Internet. The proposed anomaly-detection method needs only network training instances to build the detection threshold. It omits the large body of comparison data that would otherwise have to be built in advance, and it sets a normal mode that suits most individual personal computers for detecting abnormal flows from the network. In this thesis we propose an anomaly-based network detection framework that uses fuzzy cognitive map (FCM) techniques, the C4.5 decision tree, membership functions and data mining for classification and statistics. The system uses a normal baseline to determine the threshold for the NIDS.
Chapter 1 Introduction
1.1 Research background
1.2 Motivation and objectives
1.3 Thesis organization
Chapter 2 Physical Architecture Overview
2.1 Introduction to intrusion detection systems
2.2 System architecture overview
2.3 Firewall Module overview
2.4 Normal Baseline Training Module overview
2.5 Real-time Detector Module overview
Chapter 3 Architecture Theory
3.1 Firewall Rules Mining
3.2 Fuzzy Cognitive Maps (FCM)
3.3 C4.5 Decision Tree
3.4 Membership Function Building
3.5 Data Mining
Chapter 4 Physical Architecture Workflow
4.1 Firewall Module
4.2 Normal Baseline Training Module
4.3 Real-time Detector Module
Chapter 5 Experimental Data
5.1 Simulated experiment environment
5.2 Simulated experiment method
5.3 Simulated experiment results
5.4 Analysis of problems found in simulated testing
Chapter 6 Conclusion
6.1 Conclusion