:::

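Title: A Study on Improving the Performance of Military Network Intrusion Detection with Data Mining Techniques
Journal: 復興崗學報 (Fu Hsing Kang Academic Journal)
Author: Wu, Wen-chin (吳文進)
Publication date: 2008
Issue: 92
Pages: 177-211
Keywords: Intrusion detection; Back propagation neural network; Data mining; Internet security; Information security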
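The rapid development and spread of information and communication technology have made it an indispensable tool in daily life and work. Government agencies, enterprises and individual users alike depend ever more closely on computers and networks, yet the information and communication security problems that result have grown correspondingly serious. In response to the arrival of the digital age, the government has since 1994 successively promoted plans related to "Digital Taiwan", and in March 2008 it published the "Information and Communication Security Policy White Paper" for the first time, declaring its resolve that information and communication technology development and security policy requirements should advance in step. The armed forces are part of the government and, guided by the concept of informatized and automated force building, cannot stand outside information and communication security policy. In particular, given combat-readiness mission requirements and the sensitive nature of military networks, besides strictly enforcing the "physical isolation" policy to realize the "information frontier" protection concept, the armed forces should also adopt the four risk-control strategies of "protect, detect, react, recover" to effectively close gaps in information and communication security protection. Among the many information and communication security mechanisms, an intrusion detection system can effectively detect intrusion and penetration as well as abuse (or misuse) by personnel, and can provide appropriate compensating control measures and recommendations. It fits the protection, detection and reaction strategies of risk control and can be regarded as an important mechanism for the armed forces to meet and carry out information and communication security policy requirements. To meet the current needs of the armed forces and develop a dedicated intrusion detection system that ensures military network security, this study analyzes in depth the operating architecture of intrusion detection systems and, starting from the bottleneck in packet detection performance, seeks to combine data mining techniques with a front-end packet classifier to improve detection performance. Experiments show that implementing a front-end packet header classifier with data mining techniques does improve poor packet-matching performance and low accuracy. Among the classifier algorithms tested, the back propagation neural network performs best: its accuracy of 92.704% is slightly lower than the 92.867% of rough set theory, but its execution speed can be increased by about 112.95 times, and it is also able to detect unknown attacks. Besides giving the armed forces more options for implementing information and communication security protection, the implementation of a front-end packet classifier also brings the armed forces one step closer to the goal of worry-free information and communication security.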
Among information and communication security mechanisms, an intrusion detection system can effectively detect intrusion, penetration and misuse by staff, and can provide appropriate compensating control measures and suggestions, which fits the protection, detection and reaction strategies of risk control. The intrusion detection system is therefore an important mechanism for the military to meet and carry out information and communication security policy. This study analyzes the operating framework of intrusion detection systems to find the bottleneck in detection efficiency, in order to help the military build a dedicated intrusion detection system to protect military networks. Experiments show that placing a packet header classifier, built with data mining techniques, in front of the detection engine improves the poor efficiency of packet comparison and the low accuracy. Among the classifier algorithms, the Back Propagation Neural Network (BPN) is the best: its accuracy of 92.704% is slightly lower than the 92.867% of Rough Set Theory (RST); however, its execution speed could increase some 112.95 times, and it is also able to detect unforeseen attacks. The study therefore not only offers the military more choices for information and communication protection but also helps it take the next step toward the goal of secure military information and communication.
:::