中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/8398
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 66984/66984 (100%)
造访人次 : 22679182      在线人数 : 265
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/8398


    题名: 基於Router轉送紀錄的洪流訊務檢測系統;Flow-based Flooding Detection System
    作者: 楊素秋;Su-Chiu Yang
    贡献者: 資訊工程研究所
    关键词: 廣告電子郵件;洪流訊務檢測系統;P2P訊務量測;安全弱點掃描;Flow-based flooding detection system (FDS);spam;P2P traffic measurement;scanning flooding
    日期: 2004-06-16
    上传时间: 2009-09-22 11:25:55 (UTC+8)
    出版者: 國立中央大學圖書館
    摘要: 論文提要 本論文陳述兩項主要的研究成果:洪流訊務檢測系統(FDS)與非內容查驗式的P2P訊務量測系統. FDS系統的第一要務是依據各類洪流攻擊特性選定傳訊特性項,作為訊務量測的基礎. 當轉送訊務紀錄被饋入系統時, 量測模組便能高效率地統計top-N的flooding訊務,例如:ICMP/UDP等即時性 packet flooding、 scanning/SYN flooding、 SMTP flooding.並提供檢測模組定期加總各時段的flooding訊務,比對packet size, packet rate或flow rate等訊務臨界值,篩選異常的攻擊訊務並自動通告用戶,或限制嚴重攻擊源的通訊. 本研究也依據P2P網路的高頻次連接特性,實做非內容查驗式的P2P訊務量測系統,協助網路用戶與管理者掌握大傳訊量的P2P節點, P2P應用阜的訊務分布. Flow-based FDS與P2P量測系統已成功地裝設於一個TANet骨幹節點網路,持續執行flooding訊務量測與檢測,自動發送電子郵件通知用戶或管理者修補感染的系統,也自動設定骨幹router限流嚴重的異常flooding訊務. 統計的通告abuse 訊務與flooding檢測結果間的相關數據也顯示: 相當高比率的被通告abuse主機 (包括: scanning/SYN flooding、 spam 、違反智財權) 可由自動檢測的異常訊務列中檢得. Abstract In this thesis, we present two specific contributions, the flow-based flooding detection system (FDS) and P2P traffic measurement system. The key idea of FDS is constructing the set of features and corresponding criteria according to the interested flooding behaviors, and aggregating the flooding traffic based on the constructed features. Then, the detection module accumulates the interested statistical variables, and compares those traffic variables with the thresholds. Once all the variables exceeded the estimated quantifiers, the detector alarms the anomalies and trigs response module to notify owners of the anomalous systems, and limit the significant real-time flooding traffic. The flow-based P2P traffic measurement system is developed based on the connection-intensive feature of P2P network for providing network users grasp the P2P traffic and the aggressive participants. FDS and P2P traffic measurement systems have been deployed over an aggregate network of TANet backbone for effectively detecting and limiting the significant flooding anomalies. The detection result shows that a high proportion of the notified abuse traffic, including port scanning, spam, and copyright infringement, could be picked up from the detected anomalies and the measured aggressive P2P peers.
    显示于类别:[資訊工程研究所] 博碩士論文

    文件中的档案:

    档案 大小格式浏览次数
    0KbUnknown516检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回馈  - 隱私權政策聲明