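Maintaining high-quality, uninterrupted online website services and reducing the intangible losses caused by network outages make it especially important to establish a network monitoring mechanism that prevents malicious connections and attacks. To detect network threats early and reduce the load on the back-end intrusion detection system, this study proposes a mechanism based on monitoring network traffic to prevent malicious connections and attacks. Built on statistical theory supplemented by fuzzy control theory, it compares the traffic behavior of a single data transmission against normal connection behavior and establishes a normal transmission behavior module to provide network monitoring and alerting, in an attempt to improve the identification of abnormal behavior.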
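The study proceeds in three parts. The first part uses tools to simulate detection and attack behavior. The second part proposes a defensive detection mechanism based on expert experience and defensive countermeasures. The third part uses statistical fuzzy traffic control to try to reduce the load on the downstream intrusion detection system in advance, and establishes a feature-value comparison method, applying a back-propagation neural network and a genetic algorithm to the KDD CUP 99 intrusion detection data set for implementation and verification.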
This research proposes monitoring network traffic to prevent malicious attacks. It uses statistical theory and a fuzzy control architecture to examine the behavior of a single transmission. It establishes a normal transmission behavior module in order to provide a network monitoring and alert mechanism. The mechanism tries to improve the detection rate for abnormal behavior.
The study is divided into three parts. The first part uses tools to simulate detection and attack behavior. In the second part, we build a detection mechanism from many reports on defensive measures. The third part uses statistical theory and fuzzy control to monitor every network flow. The mechanism preprocesses denial-of-service attacks for the intrusion detection system. We try to build the characteristic values based on a back-propagation neural network and a genetic algorithm, and run detection on the KDD CUP 99 data sets for intrusion detection implementation and verification.