Thesis/Dissertation 110453012 Full Metadata Record

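| DC field | Value | Language |
| --- | --- | --- |
| DC.contributor | Department of Information Management, In-service Master's Program | zh_TW |
| DC.creator | 鄧經業 | zh_TW |
| DC.creator | Ching-Yeh Teng | en_US |
| dc.date.accessioned | 2023-7-24T07:39:07Z | |
| dc.date.available | 2023-7-24T07:39:07Z | |
| dc.date.issued | 2023 | |
| dc.identifier.uri | http://ir.lib.ncu.edu.tw:444/thesis/view_etd.asp?URN=110453012 | |
| dc.contributor.department | Department of Information Management, In-service Master's Program | zh_TW |
| DC.description | National Central University | zh_TW |
| DC.description | National Central University | en_US |
| dc.description.abstract | Indicators of compromise usually use a machine-readable format, which makes them easy to integrate into security appliances or security monitoring mechanisms, so they are the type of intelligence most widely applied by organizations. Over time, however, indicators of compromise become increasingly unreliable: an IP once used by attackers may become legitimate, and continuing to block it may cause false positives. In practice, however, there is no standard or mechanism for determining the blocking timeliness of indicators of compromise. This study therefore takes IP as an example, designs a practically feasible automated optimization model for the blocking timeliness of indicators of compromise, and conducts multiple experiments to find the optimization model with the optimal solution. The optimization model designed in this study achieves an accuracy of 94.4% and a recall of 97.2%, so that organizations can use the model to effectively remove indicators of compromise whose blocking period has passed. Keywords: cyber threat intelligence, indicators of compromise, expiration date, blocking timeliness | zh_TW |
| dc.description.abstract | Indicators of Compromise (IoC) are commonly represented in machine-readable formats, making it easy to integrate them into cybersecurity devices or monitoring mechanisms. They are the most widely used type of threat intelligence in organizational applications. However, over time, IoCs can become increasingly unreliable. IP addresses that were previously used by attackers may become legitimate, and continuously blocking them could result in false positives. Unfortunately, there is currently no standard or mechanism to determine the timeliness of blocking IoCs. Therefore, this study focuses on IP addresses and designs a practical and optimal model for blocking timeliness of IoC. Multiple experiments are conducted to find the best solution for the optimization model. The designed optimization model in this study achieves a high accuracy rate of 94.4% and a high recall rate of 97.2%. Organizations can effectively utilize this model to eliminate expired IoCs. Keywords: Cyber Threat Intelligence, Indicators of Compromise, Expiration Date, Blocking Timeliness. | en_US |
| DC.subject | Cyber Threat Intelligence | zh_TW |
| DC.subject | Indicators of Compromise | zh_TW |
| DC.subject | Expiration Date | zh_TW |
| DC.subject | Blocking Timeliness | zh_TW |
| DC.subject | Cyber Threat Intelligence | en_US |
| DC.subject | Indicators of Compromise | en_US |
| DC.subject | Expiration Date | en_US |
| DC.subject | Blocking Timeliness | en_US |
| DC.title | A Study on the Blocking Timeliness of Indicators of Compromise: The Case of IP | zh_TW |
| dc.language.iso | zh-TW | zh-TW |
| DC.title | The Research on Blocking Timeliness of Indicators of Compromise - A Case Study on IP | en_US |
| DC.type | Master's/doctoral thesis | zh_TW |
| DC.type | thesis | en_US |
| DC.publisher | National Central University | en_US |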
