NCU Institutional Repository (downloads of theses and dissertations, past exam papers, journal articles, research projects and more): Item 987654321/45472


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/45472


    Title: Abnormality Detection and Notification System over Aggregate Network
    Authors: 楊素秋
    Contributors: Computer Center
    Keywords: Flooding detection;PortScan;spam;packet flooding;anomaly notification;Information Engineering--Hardware Engineering
    Date: 2008-07-01
    Issue Date: 2010-12-28 14:20:33 (UTC+8)
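    Publisher: National Science Council, Executive Yuan
    Abstract: With the rapid expansion of the Internet, people can share knowledge widely and carry out all kinds of online transactions. Attackers, however, also infect networked hosts through various channels and use large botnets to distribute spam and virus mail, scan for vulnerabilities (portscan), launch DDoS attacks, and phish for bank accounts. To stop attackers from infecting user hosts through worms, email viruses and viruses hidden in websites, and as organizations place more weight on information security, protection of end-user hosts and anomaly detection on network segments have gradually improved. Protection for wide-area networks, however, is still quite lacking. This project focuses on anomaly detection and protection at network aggregation points. By analyzing the behavior and characteristics of network anomalies, including portscan, spam, packet flooding attacks and P2P infringement traffic, it selects suitable anomalous-traffic feature variables, writes traffic accumulation/sorting and multivariate anomaly detection programs, and implements a flooding anomalous-traffic detection and notification system. Besides reporting the source host IP addresses of detected anomalous portscan vulnerability scanning, spam, UDP packet floods and P2P infringement, together with the concrete values of the traffic feature variables, the system can combine network routing information to automatically email the measured anomalous-traffic values to network administrators and users, so that infected systems are patched as soon as possible and DDoS attacks or indiscriminately sent spam are actively blocked. Using its position at the network's main gateway, it provides comprehensive, wide-area security protection. The rapid growth in DoS attacks, spam and mass-mail viruses has increased the need to develop effective approaches for detecting significant flooding anomalies. As all traffic between the public Internet and the customer's desktop is interconnected through the ISP's access router, it might be feasible and effective to add an extra level of flooding filtering over aggregate networks for detecting the source hosts that launch flooding-based DoS attacks and deliver huge amounts of spam. This work makes use of the transportation traffic log gathered from the backbone router to develop a flooding detection system (FDS) that measures and detects extremely anomalous traffic according to the bulk distribution aspect of the obvious anomalies, including: packet flooding attack, portscan, spam distribution, and P2P traffic distribution. The FDS system has been deployed in one regional network center over a TANet (Taiwan Academic Network) network center to offer an extra level of filtering and to help network users grasp the significantly anomalous traffic. Research period: 9608 ~ 9707
    Relation: Science and Technology Policy Research and Information Center, National Applied Research Laboratories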
    Appears in Collections:[Computer Center ] Research Project

    Files in This Item:

    File        Description  Size  Format
    index.html               0Kb   HTML


    All items in NCUIR are protected by copyright, with all rights reserved.
