
An Adaptive Network-based Intrusion Detection System on the Cloud Environment

Advisor: 王勝德

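Abstract


As attacks from the network keep increasing, intrusion detection systems are often placed at the very front of the network to detect attacks. To achieve anomaly detection, machine learning or data mining algorithms are often used to implement such intrusion detection systems. However, these algorithms usually need a large, labeled data set for training and learning, and such a data set is very hard to obtain in practice. In this thesis, we propose an adaptive intrusion detection system that uses the unsupervised learning algorithm "spectral clustering" to label connection data from the network and, based on these data, uses a decision tree to build the system's detector. In addition, the system's architecture makes it easy to deploy in a cloud environment. Experimental results show that, after adapting to the newly labeled data set, the system's attack-detection performance improves markedly.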

Parallel Abstract


With the advances and extensive deployment of computer networks, attacks from the Internet have increased significantly. To detect those intrusions so that further defensive actions can be taken, a network-based intrusion detection system is usually used as the frontline detector. Since the means of attack change rapidly, the intrusion detection system usually adopts machine learning or data mining algorithms to achieve anomaly detection. However, algorithms of this kind need a set of labeled data for training the detection model, and such a data set is hard to obtain. In this thesis, we propose a system that is adaptive to the ever-changing network environment. The system can construct a decision tree-based detection model for intrusion detection from unlabeled data by using an unsupervised learning algorithm called spectral clustering. The system can also be easily deployed on the Cloud environment. In the experiments with the DARPA 2000 data set and the KDD Cup 1999 data set, our system shows notable improvement in detection performance after the adaptation procedure.
