維持高品質與不中斷的線上網站服務,減少因為網路中斷時造成的無形利益損失,為此建立一網路監控機制以防止惡意連線與攻擊行為格外重要。為提早發現網路威脅,降低後端入侵偵測系統負擔,本研究提出一基於監控網路流量以防止惡意連線與攻擊行為,並且運用統計理論輔以模糊控制理論為基礎架構,針對單一資料傳輸之流量行為與正常連線行為作為對比,建立正常傳輸行為模組以達到網路監控與警示機制,試圖提高異常行為之判斷。本研究分為三部分進行,第一部分主要是利用工具模擬偵測與攻擊行為,第二部分依據專家經驗與防禦對策提出一防禦偵測機制,第三部分則是利用統計式模糊流量控制技術試圖降低後方入侵偵測系統運算以達到流量控制目的。
The research proposes monitoring network traffic to preventing malicious attacks. It uses statistical theory and fuzzy control architecture to create a single transmission behavior. It will establish a normal transmission behavior module in order to achieve network monitoring and an alert mechanism. The mechanism tries to improve the abnormal behavior detection rate. The study is divided into three parts. The first part uses tools to simulate detection and aggressive behavior. According to many defensive measure reports, we will build a detection mechanism. The third part uses statistical theory and fuzzy control to monitor each network flow. The mechanism will preprocess denial of service attacks for an intrusion detection system.
