文化大學機構典藏 CCUR:Item 987654321/20174
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 46962/50828 (92%)
Visitors : 12422878      Online Users : 649
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/20174


    Title: 入侵偵測演算法效益評估
    Authors: 莊雅淳
    Contributors: 資訊管理學系
    Keywords: 入侵偵測系統
    K最近鄰法
    倒傳遞類神經網路
    廣義規則歸納法
    Date: 2010
    Issue Date: 2011-11-02 15:31:01 (UTC+8)
    Abstract: 網際網路普及化與網路攻擊工具易於取得,使得網路安全議題日益凸顯,網路安全事件日漸影響使用者之網路活動及企業之營運。如何有效偵測網路入侵封包且降低入侵偵測系統(Intrusion Detection System, IDS)之誤判率,並採取適當之防護措施,對於企業與網路管理者都是一項迫切且必須之工作。本篇研究針對KDD CUP’99資料庫之網路入侵封包資料,調校常見之KNN、BPN、GRI演算法,建構訓練模型,尋求較佳之入侵偵測組態。研究結果顯示,調校使用單一演算法建構之組態,準確率最高可達98.77%,最低誤判率可達0.3484%。若並聯3個調校演算法進行偵測,準確率則可提高至99.68% ; 而串聯3個演算法進行偵測,誤判率則可降至0.03318%。而研究結果顯示,演算法建構之模型耗損電腦效能並不明顯,Max of CPU Load Average為21%,Max of Average Memory Usage為26%。
    Due to popularization of the Internet and easy access of network attack tools, network security issues become apparent. Network security incidents affect network users’ of activities and operations of enterprise. How to effectively detect intrusion packets, which reduced false negatives, and engage appropriate countermeasures are urgent and essential tasks for enterprises and network administrators.
    This research evaluates data of network intrusion packet from KDD CUP’99 database, tunes common algorithms KNN, BPN and GRI to construct training model, and seek a better configuration of intrusion detection.
    The results show maximum accuracy of tuned configuration using single algorithm could reach 98.77% with minimum false negative ratio 0.3484%. Tuned con-figuration conjoining three algorithms could reach 98.68% accuracy. The minimum false negative ratio of tuned configuration disjoining three algorithms could reduce to 0.03318%. Research results also show computer performance affected by the models constructed is not apparent. The Max of CPU Load Average is 21%, and the Max of Average Memory Usage is 26%.
    Appears in Collections:[Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    莊雅淳-1.pdf149KbAdobe PDF394View/Open
    莊雅淳-2.pdf1009KbAdobe PDF1897View/Open


    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback