Design and Implementation of Web Dataset for IDS Testing with User-Behavior and Environment


Bibliographic Details
Main Authors: Yu-Chin Chen, 鄭毓芹
Other Authors: Chi-Sung Laih
Format: Others
Language: en_US
Published: 2006
Online Access: http://ndltd.ncl.edu.tw/handle/51063317091537944712
Description
Summary: Master's === National Cheng Kung University === Institute of Computer and Communication Engineering === 94 === Web applications are increasing quickly with the blooming network bandwidth and demands. The adoption of Web-based technologies for conducting business has enabled organizations to connect seamlessly with suppliers, customers and other stakeholders. By design, Web applications are publicly available on the Internet. This has also exposed a multitude of previously unknown security risks and provided hackers with easy access and allowed almost unlimited attempts to hack the application. Hackers have been successful in finding a gaping hole in the corporate security infrastructure, one of which organizations were previously unaware: Web applications. Consequently, website defacement is another major problem resulting from Web application attacks. Such factors require the dataset to test the signatures of intrusion detection systems used for protecting the web-site security. In addition, the off-line dataset evaluation methodology proposed by MIT Lincoln Lab is a practical solution in terms of evaluating the performance of IDS. However, MIT Lincoln Lab models the synthetic traffic more from session level rather than from user level. From my viewpoint, user behavior simulation is very important in IDS evaluation and is an immensely challenging undertaking because of the complexity and intricacy of human behaviors. In my master's thesis, I discuss my effort to improve the dataset for intrusion detection signatures evaluation. Unlike MIT Lincoln Lab, I propose the design and procedures to generate the synthetic traffic by rebuilding the web infrastructure and analyzing the user behavior. From the experiment results, it gives my model the ability to feasibly construct synthetic traffic with high similarity and fidelity, and detects the weakness of intrusion detection signatures successfully.