中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/93534
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 78852/78852 (100%)
Visitors : 37826092      Online Users : 3010
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/93534


    Title: 尉遲監控系統:基於規則的企業網路流量監控與管理
    Authors: 孫學任;Sun, Syue-Ren
    Contributors: 資訊工程學系
    Keywords: 深度封包檢測;流量識別;入侵偵測系統;Deep Packet Inspection (DPI);Port Mirroring;Traffic Classification;Intrusion Detection System (IDS)
    Date: 2023-10-13
    Issue Date: 2024-03-05 17:43:26 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著雲端技術的普及和遠端工作模式興起,企業網路環境變得更加複雜,伴隨而來的安全風險也有所提升。本研究設計並實作了一套名為「尉遲監控系統」的基於規則的深度封包檢測流量監控系統,目標包括對區域網路進行檢測、分析封包特徵、儲存和檢視所有流量資訊、設計流量特徵的規則稽核系統、提供告警系統等。並進行了相關內網攻擊的實驗,系統成功檢測出惡意DNS請求、SMB蠻力攻擊和ARP欺騙等攻擊情境,且系統在長時間運行下表現穩定,具有良好的服務效能。在開發過程中,我們對NFStream開源專案作出了一些改進,經過向專案負責人提出合併請求後,我們的改進方案成功地被納入了該專案中。尉遲監控系統提供管理者一套網路流量監控系統,增進企業網路的安全防護。;With the proliferation of cloud technology and the rise of remote work modes, the corporate network environment has become increasingly complex, and the accompanying security risks have also increased. This study designs and implements a rule-based deep packet detection traffic monitoring system named "YuChi Monitoring System". The objectives include monitoring local networks, analyzing packet features, storing and viewing all traffic information, designing a rule audit system for traffic features, and providing an alarm system. Some relevant internal network attack experiments were conducted, and the system successfully detected attack scenarios such as malicious DNS requests, SMB brute force attacks, and ARP spoofing. The system performs stably over extended periods of operation, demonstrating excellent service performance. During the development process, we made an improvement to the NFStream open-source project and the changes have been merged into the project. The YuChi Monitoring System provides managers with a network traffic monitoring system, enhancing the security protection of corporate networks.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML51View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明