中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/86563
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 81570/81570 (100%)
Visitors : 47024608      Online Users : 172
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/86563


    Title: 基於卷積神經網路與梯度提升演算法於網路惡意加密流量偵測之研究;A Study of Malicious and Encrypted Networks Traffic Detection Based on Convolutional Neural Network and Gradient Boosting Algorithm
    Authors: 彭筱茵;Peng, Hsiao-Yin
    Contributors: 資訊工程學系
    Keywords: 加密流量分析;入侵檢測系統;流量分類;XGBoost;卷積神經網路;Encrypted traffic analysis;Intrusion Detection System;Traffic Classification;eXtreme Gradient Boosting;Convolutional Neural Network
    Date: 2021-07-28
    Issue Date: 2021-12-07 12:58:27 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 近年來用戶對於隱私及安全性日漸重視,因此,各種網路服務及應用程式會透過加密技術來保護使用者在網路中訊息溝通或資料傳輸的內容,進而提升用戶的隱私。而隨著加密技術的發展,也隨之帶動HTTPS的快速成長,使其成為最廣泛應用的網路通訊協定,並且在網路傳輸中對訊息加密也逐漸成為一項主流。然而,攻擊者對於網路攻擊的手法不斷推陳出新,雖然透過加密技術可以保護用戶的安全隱私,防止資料洩漏或遭受其他攻擊的機會,但也提供攻擊者隱藏惡意程式在加密資料中卻不被發現的機會。此外傳統深度封包檢測(Deep Packet Inspection, DPI)的偵測機制也會因為封包加密而受到很大的限制,因此如何在加密的情況下進行惡意流量的偵測是一個重要的關鍵。
    本論文為了解決加密流量的惡意攻擊的問題,提出了結合深度學習與機器學習的CNN-XGB惡意流量分類模型,該模型中使用卷積神經網路(Convolutional Neural Network, CNN)與XGBoost(eXtreme Gradient Boosting)技術,可以有效的分類公開資料集與自行錄製的加密資料集中的8種攻擊類型,並且達到99.27%的準確率。並且將該模型應用於入侵檢測系統(Intrusion Detection System)中,即時地進行網路流量檢測,其所提出的IDS對於異常攻擊流量的偵測時間可以在1.075秒內完成。因此本論文提出之基於機器學習之惡意加密流量偵測機制可以即時地偵測惡意加密流量。
    ;In recent years, people are care more about data privacy and data security. A lot of services and applications are using encrypted mechanism to protect the communication and data context of Internet users and improve the user privacy. The development of the encrypted technique also led the rapid growth of HTTPS, making it become the most widely used encryption protocol in the Internet. Also, using encrypted communication when transmitting has become a standard. However, cybercriminals are constantly creating new attacks to fit new trends. Although the encrypted technique can protect the security and privacy to prevent the data breach or other attacks, it also gives the chance to attackers for hiding some malware inside the encrypted data without being detected. In addition, the traditional DPI (Deep Packet Inspection) mechanism is be limited to the encrypted packet.
    To classify the malicious and encrypted traffic, this paper proposed a CNN-XGB model which combine Convolutional Neural Network (CNN) and eXtreme Gradient Boosting (XGBoost) techniques. This model can reach the 99.27% accuracy of 8 types of attacks on the self-captured traffic and the public dataset. After applying the model to the Intrusion Detection System (IDS), the average detection time of attacks can finish in 1.075 second. With the efficient malicious traffic classification model and IDS, we can keep the security and privacy of user and do not affect the Quality of Service (QoS) in network.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML106View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明