中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/13501
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 81025/81025 (100%)
造访人次 : 46498040      在线人数 : 580
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/13501


    题名: 利用決策樹改善以;FPGA 為基礎之入侵偵測系統資源利用 Using Decision Trees to Improve Resource Utilization on FPGA-based Network Intrusion Detection System
    作者: 魏雅笛;Ya-Ti Wei
    贡献者: 資訊管理研究所
    关键词: 入侵偵測系統;非決定性有限狀態自動機;決策樹;現場可規劃邏輯閘陣列;Network intrusion detection systems (NIDS);Decision tree;NFA;FPGA
    日期: 2008-06-23
    上传时间: 2009-09-22 15:33:29 (UTC+8)
    出版者: 國立中央大學圖書館
    摘要: 網路的應用對於目前個人及企業越來越重要,網路的頻寬也不斷的成長,網 路入侵測系統基於特徵比對便成為個人及企業不可或缺的基礎防謢。然而目前入 侵偵測系統大多架設在軟體的架構之上,越來越無法應付目前網路現況;相反地, 硬體具有高速及帄行比對能力,能夠進行快速的比對,尤其 FPGA 能重覆燒錄及 快速製作雛型,相當合適設計入侵偵測系統。但 FPGA 內所能使用的資源有限, 而特徵資料庫卻需要不斷的更新及擴張,故本研究基於以上動機,利用 FPGA 設 計入侵偵測系統,以決策樹處理規則的標頭,再依規則標頭比對架構建置多字串 比對群組來進行封包內容的比對。本研究提出的架構帄均可以降低 56%的電路資 源使用率,故能擁有更多資源來擴充新的規則,具有可擴張性,而且採用多字串 比對群組,可以使用特徵字串帄行比對增加效能,實驗証明本系統架構可以使用 較少的資源,且較其它 FPGA 設計更具效能。 As network services become more and more important in our society, the demand for network security systems is increasing. Network intrusion detection systems (NIDS) provide an effective and secure solution to the network attacks and are widely used in enterprises. Many NIDSs, such as Snort, are based on software, so their processing speeds are much slower than wire-speed. FPGA technology has properties which are high speed string matching and reprogrammable, but the resources in FPGA are limited while the database of signatures has become very large and keeps growing. In this thesis we use decision tree to improve the utilization of resources when implementing NIDS on FPGA. The system uses decision tree to process the rule header to reduce resource requirements. Rule options are organized to multiple string matching groups according to the matching results of rule header. We implement an IDS circuit that process 1023 Snort rules at FPGA. The experimental results show that the system can reduce the average of resource by 56%. In addition, we develop a tool to automatically generate the Verilog HDL source code of the IDS circuit from a Snort rule set. Using the FPGA and the IDS circuit generator, the proposed system is able to update the matching rule corresponding to new intrusion and attacks.
    显示于类别:[資訊管理研究所] 博碩士論文

    文件中的档案:

    档案 大小格式浏览次数


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明