中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/13390
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41825060      Online Users : 1226
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/13390


    Title: 以支援向量機技術偵測微軟作業系統中非授權使用之研究;Using SVM Technique to Detect Unauthorized Use Under Windows Operating Systems
    Authors: 賴俊豪;Chun-Hao Lai
    Contributors: 資訊管理研究所
    Keywords: 支援向量機;異常使用者行為;微軟作業系統;視窗標題;Microsoft Window OS;anomaly user behavior;Support Vector Machine;window title
    Date: 2007-06-25
    Issue Date: 2009-09-22 15:30:40 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 「非授權使用」的資安危害經常都在事後才被發現,而且造成將近三成企業一半的財務損失,而僅次於「電腦病毒」所造成的破壞。由於目前微軟作業系統是市佔率最高的作業系統,故在這樣的環境下,本研究針對在微軟作業系統上「異常行為偵測」的相關文獻做探討。在探討後,本研究提出其用來建立正常使用者行為的資料來源,皆有『過於龐大』、『含有過多系統資訊』的缺點,造成資安人員分析上的不便,並且使得建立微軟作業系統上的有效使用者行為模型十分困難。而後參考相關文獻中有關「視窗標題」的概念,提出一種『資料量較少』但也能夠『分辨原先使者與非原先使用者』的資料來源,最後在實驗中以支援向量機(優秀的分類器)來驗證其有效性,並且和不同的搜集資料方式比較,說明資安分析人員可以花費較少的時間精力在建立使用者模型上。 Security damage about “Unauthorized use” are usually be discovered after it happened. And it costs about 50% financial loss in 30% respondents in 2006, CSI/FBI. Because of the popularity of Microsoft Window operation system, we discuss the “anomaly user behavior” in recent papers. After that we propose a view about “too large”, “include too many system information” in dataset that used for building normal user behavior model. It brings information security analyzer a lot of inconvenient in Microsoft Window OS environment.Then, we reference the thought, “Window Title”, and recommend a kind of dataset. The proposed dataset takes advantage of “few dataset”, “distinguish anomaly user behavior”.Finally, we use “Support Vector Machine” to verify the effect, and give some experimental results to explain the cuts of the dataset in our proposed system.
    Appears in Collections:[Graduate Institute of Information Management] Electronic Thesis & Dissertation

    Files in This Item:

    File SizeFormat


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明