
A Static Rule Assignment Algorithm for Efficient Distributed Intrusion Detection System

Advisors: 阮議聰, 蔡明達

Abstract


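In this thesis we propose a method for analyzing the rules that detect suspected intrusion attacks, so that when a suspected attack occurs, the rule-processing load assigned to each machine is reduced and evenly balanced. The intrusion detection software used is Snort 2.2.0. Snort has nearly three thousand rules, and the question is how to select rules from so many and assign them to each Snort instance. We use the order in which Snort matches packets as the basis, sort the rules in that order, and then distribute the rules evenly across multiple Snort instances. Machines may of course differ in processing speed, which overloads some of them and prevents the workload from being balanced. We therefore give each rule a weight: faster machines handle the rules with higher weights, and slower machines handle the rules with lower weights. We also use the Snort rule header as the basis for classifying rules, and Snort rules are distributed evenly to the machines according to class and rule weight. We discuss how rule weights are assigned and the effects of this algorithm.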

Keywords

distributed, intrusion detection system, weight, classification, rule

Parallel abstract


In this paper, we propose a method for analyzing intrusion rules. When an intrusion occurs, each Snort sensor detects it according to its own rules, and the CPU load is balanced among the Snort sensors. We use Snort version 2.2.0. Snort has almost three thousand rules for intrusion signatures. With so many rules, the question is how to pick rules for each Snort sensor. We take the order in which Snort matches rules against packets, sort the rules in this order, and then dispatch them to the Snort sensors equally. Of course, each sensor's ability is different, which may cause some sensors to be overloaded so that the load cannot be balanced among the sensors. We therefore give a weight to each rule: a Snort sensor with higher ability is dispatched the heavier rules, and a Snort sensor with lower ability is dispatched the lighter rules. We also classify the Snort rules according to the Snort rule header. Snort rules are then dispatched to each Snort sensor equally. Finally, we illustrate how to assign the rule weights and the influence of the algorithm.
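An added example, not code from the thesis, of the weighted, header-classified rule assignment the abstract describes. It assumes the rule class is the (protocol, destination port) pair from the rule header, the weight is 1 plus the number of payload-matching options, and each sensor's relative speed is known; the page does not give the thesis's own weighting or ordering, and the rules and sensor names are constructed.

```python
import re
from collections import defaultdict

# Constructed Snort 2.x-style rules for illustration (not from the thesis).
RULES = [
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"constructed web A"; content:"/cgi-bin/"; pcre:"/passwd/i"; sid:1000001;)',
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"constructed web B"; uricontent:"/admin"; sid:1000002;)',
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 21 (msg:"constructed ftp"; content:"USER"; content:"root"; sid:1000003;)',
    'alert udp $EXTERNAL_NET any -> $HOME_NET 53 (msg:"constructed dns"; dsize:>512; sid:1000004;)',
    'alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"constructed ping"; itype:8; sid:1000005;)',
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"constructed web C"; content:"cmd.exe"; sid:1000006;)',
]

# Rule header: action proto src sport direction dst dport, then (options).
HEADER = re.compile(r'^(\w+)\s+(\w+)\s+(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s*\((.*)\)\s*$')
PAYLOAD_OPT = re.compile(r'\b(?:content|uricontent|pcre)\s*:')

def parse_rule(line):
    m = HEADER.match(line.strip())
    if m is None:
        raise ValueError("not a single-line Snort rule: %r" % line)
    _action, proto, _src, _sport, _dir, _dst, dport, opts = m.groups()
    sid = re.search(r'\bsid:\s*(\d+)', opts)
    if sid is None:
        raise ValueError("rule has no sid: %r" % line)
    # Assumed cost model: 1 for the header check plus 1 per payload-matching option.
    weight = 1 + len(PAYLOAD_OPT.findall(opts))
    return {"sid": int(sid.group(1)), "cls": (proto, dport), "weight": weight}

def assign_rules(lines, capacity):
    """capacity maps sensor name -> relative processing speed (assumed known)."""
    load = {s: 0 for s in capacity}
    plan = {s: [] for s in capacity}
    by_class = defaultdict(list)
    for rule in map(parse_rule, lines):
        by_class[rule["cls"]].append(rule)
    for cls in sorted(by_class):  # one header class at a time
        for rule in sorted(by_class[cls], key=lambda r: (-r["weight"], r["sid"])):
            # Place the rule where the capacity-normalised load stays lowest.
            best = min(capacity, key=lambda s: ((load[s] + rule["weight"]) / capacity[s], s))
            load[best] += rule["weight"]
            plan[best].append(rule["sid"])
    return plan, load

if __name__ == "__main__":
    plan, load = assign_rules(RULES, {"fast": 2, "slow": 1})
    for sensor in plan:
        print(sensor, "load", load[sensor], "sids", plan[sensor])
```

Splitting rules this way only preserves detection coverage if every sensor still receives the traffic its rule subset applies to.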

Parallel keywords

Distributed Intrusion detection system classify Snort rule

Cited by


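徐英哲 (2005). Adaptive Rule Assignment Algorithm for an Efficient Distributed Intrusion Detection System [Master's thesis, Chung Yuan Christian University]. Airiti Library. https://doi.org/10.6840/cycu200500481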
