完整後設資料紀錄
DC 欄位語言
dc.contributor.author蔡孟凱en_US
dc.contributor.authorMeng-Kai Tsaien_US
dc.contributor.author曾憲雄en_US
dc.contributor.authorShian-Shyong Tsengen_US
dc.date.accessioned2014-12-12T02:30:24Z-
dc.date.available2014-12-12T02:30:24Z-
dc.date.issued2002en_US
dc.identifier.urihttp://140.113.39.130/cdrfb3/record/nctu/#NT910394019en_US
dc.identifier.urihttp://hdl.handle.net/11536/70191-
dc.description.abstract隨著各式各樣的網路攻擊行為日益增加,網路安全逐漸地受到重視。近年來,已經有很多網路入侵偵測系統被開發出來協助管理者偵測這些惡意的行為。但是在眾多的網路入侵偵測系統中,大部分都只能達到偵測攻擊,卻無法達到預防攻擊的目的。在這篇論文中,我們提出一個基於有限狀態機且具有預知能力的網路入侵偵測系統 (FA-FNIDS) 來預防攻擊的發生。這個系統擁有一個管理中心以及三個處理階段。首先,我們整合通訊協定的運作模式以及使用者的使用習慣來建構一套正常的通訊協定運作知識庫。透過這個知識庫所提供的知識以及我們所提的有限狀態機比對演算法,可以在真正的攻擊開始之前,就將這些可疑的攻擊者過濾掉,以達到預防攻擊的目標。同時,我們也利用SPIRIT[13]資料探勘演算法來對我們所收集的使用者習慣定期地做進一步的挖掘,以期讓我們的系統具有更準確的判斷力。所以,我們希望可以透過這套系統達到預防攻擊的目標,進而發現新的攻擊模式。效率的追求以及一般的偵測能力也是我們所注重的議題。最後,我們也做了三個實驗來驗證FA-FNIDS的效能及偵測能力。zh_TW
dc.description.abstractDue to the rapid growth of various network intrusions, network security is becoming an important issue. In recent years, a lot of network intrusion detection systems (NIDSs) have been developed to assist administrators in detecting the malevolent attacks. However, most of the NIDSs may not prevent attacks in probing phase. In order to prevent attacks, a Finite Automata Based Foresight Network Intrusion Detection System (FA-FNIDS) will be proposed in this thesis. The FA-FNIDS consists of a Management Center and three phases. Firstly, the protocol behavior and user behavior will be integrated to construct normal enhanced protocol behaviors which are provided for finite automata matching algorithm. The matching algorithm is used to calculate the malevolent probability for Management Center judging the degree of dangerous for a connection. For increasing the detection accuracy of FA-FNIDS, the SPIRIT mining algorithm[13] is used to discover the frequent user behaviors periodically. Therefore, the FA-FNIDS can prevent attacks and further find novel attacks. Finally, three experiments will also be done for evaluating the efficiency and the detection ability of our FA-FNIDS.en_US
dc.language.isozh_TWen_US
dc.subject網路入侵偵測系統zh_TW
dc.subject有限狀態機zh_TW
dc.subjectXMLzh_TW
dc.subject資料探勘zh_TW
dc.subject通訊協定zh_TW
dc.subjectNIDSen_US
dc.subjectFinite Automataen_US
dc.subjectXMLen_US
dc.subjectData Miningen_US
dc.subjectProtocolen_US
dc.title基於有限狀態機且具有預知能力的網路入侵偵測系統zh_TW
dc.titleA Finite Automata Based Foresight Network Intrusion Detection Systemen_US
dc.typeThesisen_US
dc.contributor.department資訊科學與工程研究所zh_TW
顯示於類別:畢業論文