中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/44036
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 78818/78818 (100%)
Visitors : 34713050      Online Users : 812
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/44036


    Title: 基於精確時間間隔之網路入侵行為事件序列研究;Network Intrusion Sequence Research Based on Specific Time Interval
    Authors: 何順全;Shun-Chuan Ho
    Contributors: 企業管理研究所
    Keywords: 序列型樣探勘;時間間隔;網路入侵行為;網路安全;intrusion behaviors;mining sequential pattern;time-interval;network security
    Date: 2010-07-28
    Issue Date: 2010-12-08 14:46:31 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 本研究主要在運用事件序列和精確時間間隔的資料探勘演算法,提供精確的網路入侵行為規律辨識方法。為了維護網路安全,一般的入侵偵測系統必需全面的監控網路環境的所有訊息。然而,大多數傳統的入侵偵測方法產生太多的入侵警報,迫使網路管理者必需面對繁多的可疑事件進行大量調查,以確定其潛在的入侵行為的可能程度。 為了解決這個問題,本研究針對網路用戶行為進行精確時間間隔集群分析與序列型樣分析,以便比較有效的找出入侵行為模式。研究結果所產生的入侵行為事件序列型樣,除了列出所有入侵事件的順序關係之外,同時也針對所有可能的時間間隔進行分群分析,比較以往的研究更能確切找出入侵事件之間的頻繁時間間隔。藉由本研究的結果,網路管理者可以更加精確的辨識網路攻擊的事件類型與可能發生的順序以及時間點,讓網路管理者有效的集中時間與心力來監督並維護網路的安全。 This research models the sequences and time-intervals of network intrusion. In order to maintain network security, common intrusion detection systems have to monitor the entire network environment. However, most traditional detection methods generate too many intrusion alerts, which forces network administrators to conduct numerous investigations of suspicious incidents to determine potential intrusion behavior. To solve this problem, this research combines specific time-interval clustering analysis of online user’s behaviors with sequential pattern analysis to provide specific rules of intrusion behaviors. The acquired sequential pattern of the intrusion events lists the ordered relationship of all intrusion related events. In addition, the possible time-intervals between events are analyzed and clustered to indentify exact frequent time-intervals. The proposed method can provide specific intrusion information to the network administrator, which effectively helps him to monitor and maintain network security with less time and effort.
    Appears in Collections:[Graduate Institute of Business Administration] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML899View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明