中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/86563
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 81570/81570 (100%)
造访人次 : 47026634      在线人数 : 96
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/86563


    题名: 基於卷積神經網路與梯度提升演算法於網路惡意加密流量偵測之研究;A Study of Malicious and Encrypted Networks Traffic Detection Based on Convolutional Neural Network and Gradient Boosting Algorithm
    作者: 彭筱茵;Peng, Hsiao-Yin
    贡献者: 資訊工程學系
    关键词: 加密流量分析;入侵檢測系統;流量分類;XGBoost;卷積神經網路;Encrypted traffic analysis;Intrusion Detection System;Traffic Classification;eXtreme Gradient Boosting;Convolutional Neural Network
    日期: 2021-07-28
    上传时间: 2021-12-07 12:58:27 (UTC+8)
    出版者: 國立中央大學
    摘要: 近年來用戶對於隱私及安全性日漸重視,因此,各種網路服務及應用程式會透過加密技術來保護使用者在網路中訊息溝通或資料傳輸的內容,進而提升用戶的隱私。而隨著加密技術的發展,也隨之帶動HTTPS的快速成長,使其成為最廣泛應用的網路通訊協定,並且在網路傳輸中對訊息加密也逐漸成為一項主流。然而,攻擊者對於網路攻擊的手法不斷推陳出新,雖然透過加密技術可以保護用戶的安全隱私,防止資料洩漏或遭受其他攻擊的機會,但也提供攻擊者隱藏惡意程式在加密資料中卻不被發現的機會。此外傳統深度封包檢測(Deep Packet Inspection, DPI)的偵測機制也會因為封包加密而受到很大的限制,因此如何在加密的情況下進行惡意流量的偵測是一個重要的關鍵。
    本論文為了解決加密流量的惡意攻擊的問題,提出了結合深度學習與機器學習的CNN-XGB惡意流量分類模型,該模型中使用卷積神經網路(Convolutional Neural Network, CNN)與XGBoost(eXtreme Gradient Boosting)技術,可以有效的分類公開資料集與自行錄製的加密資料集中的8種攻擊類型,並且達到99.27%的準確率。並且將該模型應用於入侵檢測系統(Intrusion Detection System)中,即時地進行網路流量檢測,其所提出的IDS對於異常攻擊流量的偵測時間可以在1.075秒內完成。因此本論文提出之基於機器學習之惡意加密流量偵測機制可以即時地偵測惡意加密流量。
    ;In recent years, people are care more about data privacy and data security. A lot of services and applications are using encrypted mechanism to protect the communication and data context of Internet users and improve the user privacy. The development of the encrypted technique also led the rapid growth of HTTPS, making it become the most widely used encryption protocol in the Internet. Also, using encrypted communication when transmitting has become a standard. However, cybercriminals are constantly creating new attacks to fit new trends. Although the encrypted technique can protect the security and privacy to prevent the data breach or other attacks, it also gives the chance to attackers for hiding some malware inside the encrypted data without being detected. In addition, the traditional DPI (Deep Packet Inspection) mechanism is be limited to the encrypted packet.
    To classify the malicious and encrypted traffic, this paper proposed a CNN-XGB model which combine Convolutional Neural Network (CNN) and eXtreme Gradient Boosting (XGBoost) techniques. This model can reach the 99.27% accuracy of 8 types of attacks on the self-captured traffic and the public dataset. After applying the model to the Intrusion Detection System (IDS), the average detection time of attacks can finish in 1.075 second. With the efficient malicious traffic classification model and IDS, we can keep the security and privacy of user and do not affect the Quality of Service (QoS) in network.
    显示于类别:[資訊工程研究所] 博碩士論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    index.html0KbHTML106检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明