National Digital Library of Theses and Dissertations in Taiwan

Record details

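Graduate student: 李裕祥
Graduate student (English name): Yu-Shyang Lee
Thesis title: 以環境風險分析為基礎之適應性網路入侵回應架構之回應策略
Thesis title (English): Response strategy for Adaptive Network Intrusion Response Framework Based on Environment Dependent Risk Analysis
Advisor: 田筱榮
Advisor (English name): Hsiao-Rong Tyan
Degree: Master's
Institution: Chung Yuan Christian University
Department: Graduate Institute of Information and Computer Engineering
Field: Engineering
Discipline: Electrical Engineering and Computer Science
Thesis type: Academic thesis
Year of publication: 2009
Academic year of graduation: 97
Language: Chinese
Number of pages: 42
Keywords (Chinese): Intrusion detection; Automatic response; Environmental Risk Analysis
Keywords (English): Intrusion detection; Automatic response; Environmental Risk Analysis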
Abstract (Chinese)
Abstract
Acknowledgements
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Background
1.2 Motivation
1.3 Objectives
1.4 Thesis Organization
Chapter 2 Related Work
2.1 Design of Automated Intrusion Response Systems
2.2 Selection of Automated Response Strategies
2.3 Discussion
Chapter 3 Adaptive Network Intrusion Response Framework Based on Environment Dependent Risk Analysis
3.1 Adaptive Network Intrusion Response Framework
3.2 Response Strategies Suited to Individual Environments
3.3 Response Strategy Selection
3.3.1 System State
3.3.2 Response Strategy Selection Method
3.4 Response Strategy Adjustment
Chapter 4 System Experiments
4.1 Experimental Environment
4.2 Experimental Design
4.3 Experimental Results and Discussion
Chapter 5 Conclusion and Future Work
References
List of Figures
Figure 3.1 System architecture diagram
Figure 3.2 Attack graph example [18]
Figure 3.3 Strategy enforcement flowchart
Figure 3.4 Response strategy feedback flowchart
Figure 4.1 Schematic of the experimental system
Figure 4.2 Architecture of the experimental system
Figure 4.3 Experimental results (TCP_lv1)
Figure 4.4 Experimental results (TCP_lv2)
Figure 4.5 Experimental results (TCP_lv3)
Figure 4.6 Experimental results (TCP_lv3_lv2)
Figure 4.7 Experimental results (UDP_lv1)
Figure 4.8 Experimental results (UDP_lv2)
Figure 4.9 Experimental results (UDP_lv3)
Figure 4.10 Experimental results (UDP_lv3_lv2)
Figure 4.11 Experimental results (MIX_lv1)
Figure 4.12 Experimental results (MIX_lv2)
Figure 4.13 Experimental results (MIX_lv3)
Figure 4.14 Experimental results (MIX_lv3_lv2)
List of Tables
Table 3.1 Response strategies generated according to alert content
Table 3.2 Alert information content
Table 3.3 Enforcement results corresponding to risk index
Table 3.4 Enforcement results corresponding to attack sequence information
Table 3.5 Response strategy feedback information table
Table 3.6 Response strategy checklist
References
[1] F. Cohen, "Simulating Cyber Attacks, Defenses, and Consequences," http://all.net/journal/ntb/simulate/simulate.html, May 1999.
[2] W. Lee, W. Fan, M. Miller, S. Stolfo and E. Zadok, "Towards Cost Sensitive Modelling for Intrusion Detection and Response," Journal of Computer Security, Vol. 10, pp. 5-22.
[3] T. Toth and C. Kruegel, "Evaluating the Impact of Automated Intrusion Response Mechanism," Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection (RAID '00), Lecture Notes in Computer Science, Vol. 1907, pp. 177-189.
[4] I. Balepin, S. Maltsev, J. Rowe and K. Levitt, "Using Specification-Based Intrusion Detection for Automated Response," Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection (RAID '03), Lecture Notes in Computer Science, Vol. 2820, pp. 136-154.
[5] B. Foo, Y.-S. Wu, Y.-C. Mao, S. Bagchi and E.H. Spafford, "ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment," Proceedings of the 2005 International Conference on Dependable Systems and Networks, pp. 508-517.
[6] N. Stakhanova, S. Basu, and J. Wong, "A taxonomy of intrusion response systems," International Journal of Information and Computer Security, 1(1/2), pp. 169-184, 2007.
[7] M. E. Locasto, K. Wang, A. D. Keromytis, and S. J. Stolfo, "FLIPS: Hybrid adaptive intrusion prevention," in Recent Advances in Intrusion Detection (RAID), Lecture Notes in Computer Science, Vol. 3850, pp. 82-101, 2005.
[8] S. Musman and P. Flesher, "System or security managers adaptive response tool," in DARPA Information Survivability Conference and Exposition II, 2000.
[9] P. Porras and P. Neumann, "EMERALD: event monitoring enabling responses to anomalous live disturbances," in Proceedings of the 1997 National Information Systems Security Conference, 1997.
[10] G. White, E. Fisch, and U. Pooch, "Cooperating security managers: A peer-based intrusion detection system," in IEEE Network, Volume 10, pp. 20-23, 1996.
[11] 吳孟徽, "Quantitative Evaluation of Intrusion Alerts Integrating Environmental Risk," Master's thesis, Graduate School, Chung Yuan Christian University, July 2005 (ROC year 94).
[12] 王盛裕, "Risk Assessment Integrating Environmental Information and Intrusion Alerts," Master's thesis, Graduate School, Chung Yuan Christian University, July 2006 (ROC year 95).
[13] 田筱榮, 黃世昆, and 陳鴻吉, "Improving the Efficiency of Intrusion Alarm with Heterogeneous Information Sources," Proceedings of the 2004 Taiwan Internet Conference (TANet 2004), Oct. 27-29, 2004, Taitung University, Taitung, Taiwan, pp. 1209-1214.
[14] Nessus, at http://www.nessus.org/
[15] Nmap, at http://nmap.org/
[16] 林崇頤, "An Intelligent Attack Graph Generator Adapted to Large Volumes of Vulnerability Information," Master's thesis, Graduate School, Chung Yuan Christian University, June 2003 (ROC year 92).
[17] Snort, at http://www.snort.org/
[18] tfn2k, at http://mixter.void.ru/
[19] CentOS, at http://www.centos.org/
[20] Iptables, at http://www.netfilter.org/