NCU Institutional Repository (theses and dissertations, past exam papers, journal articles, research projects and more for download): Item 987654321/8398


    Please use this permanent URL to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/8398


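    Title: Flooding Traffic Detection System Based on Router Forwarding Records; Flow-based Flooding Detection System
    Author: Su-Chiu Yang (楊素秋)
    Contributor: Graduate Institute of Computer Science and Information Engineering
    Keywords: spam e-mail; flooding traffic detection system; P2P traffic measurement; security vulnerability scanning; Flow-based flooding detection system (FDS); spam; scanning flooding
    Date: 2004-06-16
    Upload time: 2009-09-22 11:25:55 (UTC+8)
    Publisher: National Central University Library
    Abstract (translated from the Chinese): This thesis presents two main research results: the flooding detection system (FDS) and a P2P traffic measurement system that does not inspect content. The first task of FDS is to select traffic features according to the characteristics of each type of flooding attack, as the basis for traffic measurement. When forwarded-traffic records are fed into the system, the measurement module can efficiently compute the top-N flooding traffic, for example real-time packet flooding such as ICMP/UDP, scanning/SYN flooding, and SMTP flooding. It also lets the detection module periodically sum the flooding traffic of each time period, compare it against traffic thresholds such as packet size, packet rate or flow rate, filter out anomalous attack traffic and automatically notify users, or restrict the communication of serious attack sources. Based on the high-frequency connection characteristic of P2P networks, this research also implements a non-content-inspecting P2P traffic measurement system, helping network users and administrators keep track of P2P nodes with large traffic volume and the traffic distribution across P2P application ports. The flow-based FDS and P2P measurement system have been successfully installed on a TANet backbone node network, where they continuously perform flooding traffic measurement and detection, automatically send e-mail to notify users or administrators to patch infected systems, and automatically configure the backbone router to rate-limit serious anomalous flooding traffic. The correlation between the reported abuse traffic and the flooding detection results also shows that a fairly high proportion of reported abuse hosts (including scanning/SYN flooding, spam, and intellectual-property infringement) can be found in the automatically detected list of anomalous traffic.
    Abstract: In this thesis, we present two specific contributions, the flow-based flooding detection system (FDS) and a P2P traffic measurement system. The key idea of FDS is to construct the set of features and corresponding criteria according to the flooding behaviors of interest, and to aggregate the flooding traffic based on the constructed features. The detection module then accumulates the statistical variables of interest and compares those traffic variables with the thresholds. Once all the variables exceed the estimated thresholds, the detector raises an alarm on the anomalies and triggers the response module to notify the owners of the anomalous systems and to limit the significant real-time flooding traffic. The flow-based P2P traffic measurement system is developed based on the connection-intensive feature of P2P networks, to help network users grasp the P2P traffic and the aggressive participants. The FDS and P2P traffic measurement systems have been deployed over an aggregate network of the TANet backbone for effectively detecting and limiting the significant flooding anomalies. The detection results show that a high proportion of the notified abuse traffic, including port scanning, spam, and copyright infringement, could be picked up from the detected anomalies and the measured aggressive P2P peers.
    Appears in collections: [Graduate Institute of Computer Science and Information Engineering] Theses and Dissertations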
