    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/84076

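    Title: Enterprise Information Security Protection: An Exploratory Study of Network Packet Collection and Analysis and Network Behavior
    Authors: 陳裕炎; Chen, Yu-Yen
    Contributors: Department of Information Management, In-service Master's Program
    Keywords: information security; open source software; machine learning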
    Date: 2020-07-20
    Issue Date: 2020-09-02 18:01:38 (UTC+8)
    Publisher: National Central University
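    Abstract: Malware refers to the computer viruses, worms, Trojans, spyware, malicious advertising, browser hijacking, and backdoor programs we hear about most often, as well as ransomware, which has been heard about most in recent years and has caused major harm. The reason such malware is produced is invariably profit: obtaining valuable information after distributing it, or carrying out sabotage or hostage-taking. Enterprises that hold large amounts of commercial data and cash flow are therefore bound to be primary targets of hacker attacks.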
    Malware refers to computer viruses, worms, Trojans, spyware, malicious ads, browser hijackers, and backdoor programs, as well as the ransomware that has been heard of most frequently in recent years and causes major harm. The main purpose behind producing such malware is nothing more than profit: gaining commercial profit or competitive advantage by distributing malicious programs to users' devices, or by deceiving users into executing destructive programs that leave the system destroyed or held hostage. Companies with vast commercial data and cash flow will therefore certainly be primary targets of hacker attacks.
    In recent years, besides intrusions by external malicious programs, the most serious threats to corporate information security are violations by dishonest employees and intentional or unintentional information leaks caused by vendors. These internal and external threats can greatly erode a company's competitiveness and are hard to prevent. However, most of the traditional security software adopted by companies only detects malicious programs and prevents intrusion; only a few products can monitor and track user or system behavior within the corporate network.
    To solve the problems mentioned above and save the cost of implementing professional information security systems, this research uses a combination of open source software to collect corporate internal network traffic data for statistics and analysis of network behavior. The research identifies each operation from the collected data and uses the most popular machine learning methods, such as the C4.5 decision tree, support vector machine, and naive Bayes classifier, to classify each operation and find abnormal network behavior (operation combinations) in the corporate internal network.
    In this study, operations are divided into three categories: Warn, Critical, and Good. Operations are categorized as "Warn" when they do not have sufficient characteristics to be classified as "Good" or "Critical". Otherwise, operations are classified as "Good" or "Critical" depending on their characteristics.
    In this study, the decision tree calculation yields a high-accuracy result. However, a single decision tree classification method could not fully achieve the preset goal; it could only identify the major abnormal network behavior. To achieve the goal of establishing a true enterprise information security alert system, more operation characteristics are still needed for detailed operation classification, which would in turn improve the accuracy of each operation's classification. Meanwhile, more kinds of machine learning algorithms could be leveraged to complement the current decision model and identify more types of ambiguous network behavior (operation combinations) in the corporate internal network.
    Appears in Collections: [Department of Information Management, In-service Master's Program] Master's and Doctoral Theses

    All items in NCUIR are protected by copyright, with all rights reserved.