- 學位論文
高效率分散式入侵偵測系統之適應性法則分配演算法
An Adaptive Rule Assignment Algorithm for Efficient Distributed Intrusion Detection System
摘要
本論文主要針對網路分散式入侵偵測系統(Network Distribution Intrusion Detection System - NDIDS) 中,如何使各個Snort Client端 (或 Snort sensor) 的中央處裡器使用率(CPU Loading)達到平衡 (Balance);並提出數種適應性法則分配演算法(An adaptive rule assignment algorithm),本論文中所提數種演算法主要分為兩大部分;一是Snort sensor 法則數的增刪原則;二是增刪法則的選取原則,之後綜合討論各演算法之間的差異性及適用時機。 本文最後將針對分散式系統下各個Snort sensor 環境不同(如中央處理器 - CPU)的效能差異及實驗結果,以及Snort sensor數目在線性成長下的效能表現。
並列摘要
This thesis is mainly connected with Distribution Intrusion Detection System – NDIDS, and how to make each CPU Loading of Snort Clients or Snort sensors reach balance. Besides, this thesis is about two adaptive rule assignment algorithms. One is the increased and deleted principle of the Snort sensor rule. Another is the selected principle of the increased and deleted rule. Furthermore, there is synthetic discussing the differences and suitable time between each algorithm. Finally, this thesis aims at the effect differences and experiment results of the environment differences, as CPU, of each Snort sensor in the distribution system, and the effects of the number of Snort sensor in the linear growth. Key words: Distribution Intrusion Detection System – NDIDS, Adaptive rule assignment, Distribution System
參考文獻
被引用紀錄
延伸閱讀
- 曾仁志(2005)。高效率分散式入侵偵測系統的靜態法則分配演算法〔碩士論文,中原大學〕。華藝線上圖書館。https://doi.org/10.6840/cycu200500489
- 黃詩凱(2019)。分散式系統之防禦偵測方法設計與實作〔碩士論文,國立臺灣大學〕。華藝線上圖書館。https://doi.org/10.6342/NTU201903038
- 陳俊麟、陳俊任(2007)。使用統計方法之常態分配來偵測分散式阻斷服務攻擊。載於美和科技大學資訊管理系暨資訊科技系(主編),南臺灣資訊科技與應用研討會(頁7-14)。美和科技大學資訊管理系暨資訊科技系。https://doi.org/10.29684/NANTAIWANZ.200705.0007
- 曹偉駿、游錦昌(2006)。適用於入侵偵測之高準確度階層式分群演算法。網際網路技術學刊,7(2),177-183。https://doi.org/10.6138/JIT.2006.7.2.07
- Tao, C. (2017). An In-switch Rule Caching and Replacement Algorithm in Software Defined Networks [master's thesis, National Chiao Tung University]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0030-0705201811534707