入侵偵測在網路安全中是一個關鍵性的重要議題。傳統的入侵偵測方式,是基於已知的攻擊模式來做比對。透過比對網路流量特徵與人類專家所提供的攻擊特徵,來做入侵偵測判斷。這與電信網路中,比對電信網路流量特徵與人類專家所提供的設備故障流量特徵來做障礙判斷,是一樣的方式。而在入侵偵測的領域,已經有多公司成功的開發出IDS(Intrusion Detection System),其中不乏使用類神經網路的例子。 因此,本論文試圖藉由收集SCP(Service Control Point)上的通聯記錄並加以正規化處理,事先針對電信網路流量特徵來分類正常以及異常的結果,藉以建立類神經網路模組。本研究針對電信網路中智慧型網路080系統之SRP(Special Resource Point)系統,利用建立好的類神經網路模組對通聯紀錄做分析。期望可以在SRP系統發生障礙的初期,即時判斷出障礙的發生,進而自動告警。 最後,實現了10分鐘之內可以偵測出SRP系統故障,並且於16分鐘時開始傳送簡訊給系統管理人員。相較於之前等待用戶申告才知道障礙發生,所縮短的障礙偵測時間是相當可觀的!
Intrusion detection is a very important topic in network security. Traditional intrusion detection is based on known attack models. To identify the intrusion, human experts are involved by comparing the network flow characteristics and the attack models. This is the same way that human experts compare the telecommunications network flow characteristics and the equipment failure models. In the intrusion detection areas, many companies have already developed IDS(Intrusion Detection System). ANN(Artificial Neural Network)are used in many of them. In this thesis, collecting and normalizing the call trace on SCP(Service Control Point)are used for classification of normal or abnormal cases by telecommunications network flow characteristics. ANN model is developed to identify the abnormal conditions. It is expected that the developed system is capable of identifying the SRP(Special Resource Point)system failure in the initial stage.