| Summary: | 碩士 === 世新大學 === 資訊管理學系 === 92 === With the rapid development of the Internet, the Network Intrusion is one of the most important issues that have affected internal and external activities in the enterprises against secure drawback. However, the traditional Intrusion Detection System (IDS) cannot defend the new attack model enough, thus the proposed scheme is based on the distributed IDS analyzes users’ behaviors with collecting the different sources of network packages and then builds up the anomaly behavior as patterns. In this thesis, we propose the Web Services and XML format to solve an awkward situation that expanding and sharing patterns by intrusion detection system at present. It is possible to resist any disguise of patterns using the XML signature encryption infrastructure and resist the cooperation attacks using message alert between these intrusion detection systems. There are many differences on each protocol of intrusion behavior, how to detect all patterns in the database will affect efficiency in the system. Therefore, we propose a general pattern format to integrate that use the different analysis methods to produce patterns. It can be classified patterns to each protocol to reduce the amount of patterns and then raises up efficiency and accuracy on mapping patterns in the intrusion detection system.
|
|---|
