English  |  正體中文  |  简体中文  |  Items with full text/Total items : 2737/2828
Visitors : 3542147      Online Users : 28
RC Version 4.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Adv. Search
LoginUploadHelpAboutAdminister

Please use this identifier to cite or link to this item: http://ir.lib.stu.edu.tw:80/ir/handle/310903100/1265

Title: RST入侵偵測預處理機制
Preprocess Mechanism of Intrusion Detection Based on RST
Authors: 洪弘洲
Hong-Zhou Hong
Contributors: Yu-Kuo Tseng
資訊工程學系
Keywords: 入侵偵測;資料預處理;約略集理論;屬性縮減
Intrusion Detection;Data preprocessing;Rough Set Theory;Attribute Reduct
Date: 2008
Issue Date: 2011-05-24 15:12:03 (UTC+8)
Publisher: 高雄市:[樹德科技大學資訊工程學系]
Abstract: 目前對於入侵偵測系統(Intrusion Detection System ; IDS) 的主要研究方向是針對提高偵測準確率和降低系統負擔。由於入侵偵測系統漏過了任何攻擊都可能對電腦產生極大威脅,所以提高偵測準確率是許多研究者的研究目標,但是入侵偵測需要處理的資料量十分龐大,因此往往為了提高偵測準確率,卻使得效能大幅降低,所以便需使用資料預處理相關技術來提升入侵偵測系統效能。
目前資料預處理中許多研究均以去除品質不良資料為主要研究對象,但這些研究所提出的預處理方法,不是無科學根據地移除資料,就是移除的資料對於提升入侵偵測系統的偵測準確性上沒有幫助,甚至還降低了偵測準確率。所以我們提出以約略集理論(Rough Set Theory)的方法來分析並找出蒐集的資料中對於提升攻擊偵測率沒有幫助的特徵屬性並移除它們,而經由縱向的屬性縮減後,將可大幅減少所需分析的資料量,使入侵偵測系統達到最佳的效能, 經由本論文的實驗證明我們的方法確實能減少一半左右屬性的資料量卻不會降低偵測準確率。
我們也和其他使用KDD-Cup1999資料集的相關研究進行比較,分析之間優劣,證明我們所使用的方法並不亞於其他相關研究,我們有效的刪除不必要的屬性還能保持原有較高的準確率及覆蓋率。最後本研究也將預處理結果分別套至入侵偵測系統中常見的不同分類方法來進行實驗,結果證明本研究成果有助於入侵偵測系統在資料量減少下仍可維持良好的準確率及覆蓋率。
At present, the main research direction for Intrusion Detection System (IDS) is to enhance the detecting accurate rate, reduce the false positive rate, and improve the system performance. The amount of data, which intrusion detection needs to process, is usually extremely huge, so it is an important issue for IDS to improve its performance through reducing the amount of data. Under high overload, though, IDS might omit some attack attempts that could cause potential and serious threats to user’s computers. Thus, the detecting rate will decrease as well.
As to reducing the amount of data, many preprocessing schemes are also proposed to enhance the IDS performance. However, without any reasonable and scientific explanation, most of them just remove some data from the data set required to be analyzed by IDS. Furthermore, removing those data incorrectly could lower the detecting rate. Therefore, we propose a scientific IDS preprocessing scheme based on Rough Set Theory to discover and remove around a half useless conditional attributes. Pruning helpless attribute subset will refine data set and boost the IDS performance.
We have compared our research with others which also use KDD-Cup1999 data set, and the experiment results show that the proposed scheme’s accuracy rate and coverage rate is not worse than others, after removing. The preprocessed and reducted KDD-Cup data set also is input into three common classification medthods used in the kernal of Intrusion Detection System. There is Decomposition Tree, Neural Network, K-th nearest neighbor, and every detecting rate between the KDD-Cup 1999 data set is the same. Therefore, the proposed scheme will boost the performance of IDS without effecting the IDS detecting rate.
Appears in Collections:[資訊工程系(所) ] 博碩士論文

Files in This Item:

File Description SizeFormat
RST 入侵偵測預處理機制.pdf819KbAdobe PDF1089View/Open
RST入侵偵測預處理機制__臺灣博碩士論文知識加值系統.htm國圖101KbHTML440View/Open


All items in STUAIR are protected by copyright, with all rights reserved.

 


無標題文件

著作權政策宣告:

1.

本網站之數位內容為樹德科技大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
 
2. 本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本校護人員(clairhsu@stu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
 
DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback