中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/13155
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41651349      Online Users : 1541
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/13155


    Title: 優化入侵規則庫;Optimization for intrusion rule database
    Authors: 曾成訓;Cheng-Hsin Cheng
    Contributors: 資訊管理學系碩士在職專班
    Keywords: 入侵偵測系統;網路安全;snort;IDS;intrusion
    Date: 2005-06-09
    Issue Date: 2009-09-22 15:24:59 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 無法否認地,網路已經成為新經濟時代的成長動力之一,企業們如欲節省成本、增加效率、密切掌握全球經濟脈動,都不能自絕於網路的浪潮下;然而,隨著更多的企業將內部資源開放與網路進行聯動,代表著未知的安全風險也相對的升高,即便是一點微小、想像不到的保全疏忽,都有可能將辛苦建立的防護機制暴露於潛在的威脅當中。 因此,隨著企業對於安全防護的重視,入侵偵測系統在近年來甚受重視;它可偵測任何有意進犯企業安全的危險行為,並通知或預警給相關人員處理;它針對入侵行為的偵測方式是採用所謂的特徵比對方法,優點是偵測率高,方便企業依規則自行定義本身的環境來學習;然而,隨著網路速度提升及各種新技術的發明,採用精確比對的特徵比對方法,卻因為其愈來愈形龐大的資料庫而成為入侵偵測系統效率的殺手。 本論文試圖從優化入侵規則庫方向,以降低龐大規則庫對於入侵偵測系統效率的影響,並透過自動的方式,將優化作業皆置於背景執行,不致於造成系統管理員的負擔。 The network technology has been one of motive forces today for enterprises growing. Any enterprises who want to save costs, increase efficiency, or catch up with world’s economical trend can not resist investment on networking. Though network technology brings us so many advantages, a very little negligence on network security will cause a destructive consequence to an enterprise. So, with more and more resources are open and shared on network, more technologies on how to protect and prevent information safety from potential intrusions are researched. Intrusion detection system is popular in these years, which can detect any behaviors with bad intentions, and announce to security team in enterprise. Most Intrusion detection system use the method of pattern matching to judge an intrusion, the strong point for the method is its high detection rate, and easy to configure for different types of network environments. But with higher network speed and varies kinds of intrusion skills, the database of intrusion detection rule which Intrusion detection system relay on is swollen up day by day, and become a killer for Intrusion detection system’s efficiency. In this paper, we tried to increase efficiency of a huge intrusion rule database accessed by Intrusion detection system by means of optimization, and the system for optimizing is automatically carried out in background to decrease the loading for an administrator.
    Appears in Collections:[Executive Master of Information Management] Electronic Thesis & Dissertation

    Files in This Item:

    File SizeFormat


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明