English  |  正體中文  |  简体中文  |  Items with full text/Total items : 69561/69561 (100%)
Visitors : 23148256      Online Users : 707
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/9587


    Title: 入侵偵測系統:使用以函數為基礎的系統呼叫序列;Intrusion Detection Using Function-based Sequences of System Calls
    Authors: 曾俊翰;Chun-han Tseng
    Contributors: 資訊工程研究所
    Keywords: 以函數為基礎的系統呼叫序列;入侵偵測;緩衝區溢位;異常行為;字尾樹;Suffix Tree;Abnormal Behavior;Function-based Sequences of System Calls;Intrusion Detection;Buffer Overflows
    Date: 2008-07-10
    Issue Date: 2009-09-22 11:51:09 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 網路安全問題每年造成的達數十億美元損失。隨著網際網路的興起,我們所使用的電腦軟體也充斥著安全漏洞,電腦系統的安全議題也在此環境中變的越來越重要。儘管『緩衝區溢位』(Buffer Overflows)的軟體漏洞已經被發現多年,現今的電腦系統仍然持續的受到這類型的攻擊。 本篇論文提出一個改良過的入侵偵測系統(Intrusion Detection System),利用以函數為基礎的系統呼叫序列(Function-based Sequences of System Call)來偵測程式的異常行為(Abnormal Behavior)。這個方法尤其對『緩衝區溢位攻擊』特別有效。除此之外,我們還使用了一種名為『字尾樹』(Suffix Tree)的資料結構來改善偵測的效率。實驗結果顯示我們的方法不管是在攻擊的阻擋率或者是效能上都比改善前的方法好。 Computer and network security problems cause billions in damage every year. As the use of Internet, modern computer systems are plagued from security vulnerabilities. Security issues have become more and more important in such environment. Although the concept of buffer overflows had been known for years, modern computer systems suffered from these kinds of security weaknesses constantly. This article presents an improved method for intrusion detection, which detect abnormal behaviors of a process using function-based sequences of system calls. The method is especially effective in detecting Buffer Overflow Attacks. Our method also stored these sequences through a data structure called Suffix Tree, which improved our system performance a lot. Experiments show that our method has better effectiveness and performance than previous methods.
    Appears in Collections:[資訊工程研究所] 博碩士論文

    Files in This Item:

    File SizeFormat


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明