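Summary: | Master's === National Kaohsiung First University of Science and Technology === Institute of Computer and Communication Engineering === 94 === ABSTRACT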
In the e-business environment, business information is stored on computers and
accessed through the Internet. This has become the new way of communicating today, and
it is also the most attacked network service. Besides the known vulnerabilities, more
application-level web security weaknesses have been exploited recently, such as parameter
tampering, application buffer overflow, and backdoor programs. Unfortunately, they cannot
be detected effectively by traditional intrusion detection systems. Thus, distributed
denial-of-service attacks have succeeded not only against ordinary companies but also
against well-known companies such as eBay.com. An attacker's click can cost a business
many transactions. The impact of information security will become more serious, as in
information warfare.
However, when applying a regular intrusion detection system, most of the data collected
is binary machine code. When legal command patterns and data are matched against this
extremely unintelligible binary code, the huge volume of data often burdens the system,
leaves it unable to detect intrusion behavior in real time, and regularly produces
incorrect detections. In this study, we propose a network-based intrusion detection
system that uses anomaly detection based on the self-organizing map (SOM) method. This
method extracts the features of normal behavior in order to distinguish it from abnormal
behavior such as intrusions or attacks. It also reduces the load on the intrusion
detection system and allows it to detect in real time. Unlike other techniques, our
method does not need to be updated regularly. Therefore, our proposed system can ensure
safety against intrusion in real time and is easy to maintain.
|
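
The normal-profile approach the abstract describes, as an added example that is not code from the thesis: a small pure-Python SOM is trained on normal traffic only, and a traffic window is flagged when its distance to the best-matching unit exceeds a threshold fitted on the training data. The three features (packet rate, mean payload size, SYN fraction, each scaled to [0, 1]), the map size, the threshold margin and all sample values are assumptions constructed for illustration.

```python
import math
import random

def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def bmu(weights, x):
    """Index of the best-matching unit (closest map node) for sample x."""
    return min(range(len(weights)), key=lambda i: dist(weights[i], x))

def train_som(samples, rows=3, cols=3, epochs=30, seed=1):
    rng = random.Random(seed)
    # Initialise nodes from training samples so the map starts inside the normal region.
    weights = [list(rng.choice(samples)) for _ in range(rows * cols)]
    grid = [(r, c) for r in range(rows) for c in range(cols)]
    for epoch in range(epochs):
        frac = 1.0 - epoch / epochs               # decays learning rate and radius
        lr, radius = 0.5 * frac, max(rows, cols) / 2 * frac + 0.5
        for x in rng.sample(samples, len(samples)):
            win = grid[bmu(weights, x)]
            for i, pos in enumerate(grid):
                d2 = (pos[0] - win[0]) ** 2 + (pos[1] - win[1]) ** 2
                h = math.exp(-d2 / (2 * radius ** 2))   # neighbourhood function
                weights[i] = [w + lr * h * (xi - w) for w, xi in zip(weights[i], x)]
    return weights

def quantization_error(weights, x):
    """Distance from x to its best-matching unit: the anomaly score."""
    return dist(weights[bmu(weights, x)], x)

def fit_threshold(weights, samples, margin=1.5):
    # Assumed rule: worst score seen on normal training data, times a safety margin.
    return margin * max(quantization_error(weights, s) for s in samples)

def is_anomalous(weights, threshold, x):
    return quantization_error(weights, x) > threshold

def make_normal(n=200, seed=7):
    # Constructed "normal" windows: [packet rate, mean payload size, SYN fraction].
    rng = random.Random(seed)
    return [[rng.uniform(0.1, 0.3), rng.uniform(0.4, 0.6), rng.uniform(0.0, 0.1)]
            for _ in range(n)]

NORMAL = make_normal()
SOM = train_som(NORMAL)
THRESHOLD = fit_threshold(SOM, NORMAL)
FLOOD = [0.95, 0.05, 0.9]   # constructed flood-like window: high rate, tiny payloads, mostly SYN
```

Because the map is fitted to normal traffic only, no attack signatures are stored; the threshold is the only value that has to be refitted if the normal profile drifts.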