English  |  正體中文  |  简体中文  |  Items with full text/Total items : 65421/65421 (100%)
Visitors : 22308059      Online Users : 176
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/8398


    Title: 基於Router轉送紀錄的洪流訊務檢測系統;Flow-based Flooding Detection System
    Authors: 楊素秋;Su-Chiu Yang
    Contributors: 資訊工程研究所
    Keywords: 廣告電子郵件;洪流訊務檢測系統;P2P訊務量測;安全弱點掃描;Flow-based flooding detection system (FDS);spam;P2P traffic measurement;scanning flooding
    Date: 2004-06-16
    Issue Date: 2009-09-22 11:25:55 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 論文提要 本論文陳述兩項主要的研究成果:洪流訊務檢測系統(FDS)與非內容查驗式的P2P訊務量測系統. FDS系統的第一要務是依據各類洪流攻擊特性選定傳訊特性項,作為訊務量測的基礎. 當轉送訊務紀錄被饋入系統時, 量測模組便能高效率地統計top-N的flooding訊務,例如:ICMP/UDP等即時性 packet flooding、 scanning/SYN flooding、 SMTP flooding.並提供檢測模組定期加總各時段的flooding訊務,比對packet size, packet rate或flow rate等訊務臨界值,篩選異常的攻擊訊務並自動通告用戶,或限制嚴重攻擊源的通訊. 本研究也依據P2P網路的高頻次連接特性,實做非內容查驗式的P2P訊務量測系統,協助網路用戶與管理者掌握大傳訊量的P2P節點, P2P應用阜的訊務分布. Flow-based FDS與P2P量測系統已成功地裝設於一個TANet骨幹節點網路,持續執行flooding訊務量測與檢測,自動發送電子郵件通知用戶或管理者修補感染的系統,也自動設定骨幹router限流嚴重的異常flooding訊務. 統計的通告abuse 訊務與flooding檢測結果間的相關數據也顯示: 相當高比率的被通告abuse主機 (包括: scanning/SYN flooding、 spam 、違反智財權) 可由自動檢測的異常訊務列中檢得. Abstract In this thesis, we present two specific contributions, the flow-based flooding detection system (FDS) and P2P traffic measurement system. The key idea of FDS is constructing the set of features and corresponding criteria according to the interested flooding behaviors, and aggregating the flooding traffic based on the constructed features. Then, the detection module accumulates the interested statistical variables, and compares those traffic variables with the thresholds. Once all the variables exceeded the estimated quantifiers, the detector alarms the anomalies and trigs response module to notify owners of the anomalous systems, and limit the significant real-time flooding traffic. The flow-based P2P traffic measurement system is developed based on the connection-intensive feature of P2P network for providing network users grasp the P2P traffic and the aggressive participants. FDS and P2P traffic measurement systems have been deployed over an aggregate network of TANet backbone for effectively detecting and limiting the significant flooding anomalies. The detection result shows that a high proportion of the notified abuse traffic, including port scanning, spam, and copyright infringement, could be picked up from the detected anomalies and the measured aggressive P2P peers.
    Appears in Collections:[資訊工程研究所] 博碩士論文

    Files in This Item:

    File SizeFormat
    0KbUnknown514View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明