Title page for etd-0812104-140046
Title
後門偵測之研究
Detecting Backdoor
Department
Year, semester
Language
Degree
Number of pages
37
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2004-07-05
Date of Submission
2004-08-12
Keywords
Network Security, Backdoor, Data Mining, Intrusion Detection
Statistics
The thesis/dissertation has been browsed 5828 times and downloaded 0 times.
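Chinese Abstract
The network is like a microcosm of society, and attacks are reported from time to time. Every participant in the network, whether an ordinary user or an administrator, must take protective measures for their computers and network equipment: keeping patches up to date and deploying anti-virus software, firewalls and intrusion detection systems to prevent, detect and block network attacks. The hardest case to notice is an intruder who, after breaking in, plants a backdoor program that lets them use the system's data or resources, for example to steal corporate secrets. On the defensive side, intrusion detection systems provide early warning, but most such systems must capture both the headers and the contents of network packets to decide whether traffic is normal or an attack, which places a considerable load on the whole local area network. This research targets backdoor programs and aims to detect planted backdoors by analyzing network packet header data.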
Abstract
Cyberspace is like a society, and attacks happen all the time. Whatever our role in cyberspace, we need to do many things to defend our computers and network devices from attackers, for example applying patches and installing anti-virus software, firewalls and intrusion detection systems. Among all kinds of network attacks, it is hard to detect that an attacker has installed a backdoor after cracking a system. Through the backdoor the attacker can do many things, such as stealing sensitive or secret information. Intrusion detection systems, for their part, are responsible for early warning, but they usually need to capture entire network packets, both headers and contents, for analysis, which imposes considerable overhead on the system. The goal of our research is to detect backdoors correctly while analyzing only the network packet headers.
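Table of Contents
Chapter 1 Introduction
Chapter 2 Literature Review
Section 1 Research on Backdoor Programs
Section 2 Related Research on Data Mining in Network Security
Chapter 3 Problem Description and Backdoor Detection Method
Section 1 Problem Description
Section 2 Backdoor Detection Method
Section 3 System Implementation
Chapter 4 System Simulation and Verification
Section 1 System Simulation
Section 2 Verification
Chapter 5 Conclusion
Section 1 Contributions
Section 2 Future Work
References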
References
1. [CC 03] CERT/CC Statistics 1988-2003
http://www.cert.org/stats/cert_stats.html#incidents
2. [CF 03] 2003 CSI/FBI Computer Crime and Security Survey
http://www.gocsi.com/press/20030528.jhtml
3. [CO 95] Cohen, W. W., “Fast effective rule induction,” in Proceedings of 12th International Conference on Machine Learning (Lake Tahoe, CA), Morgan Kaufmann, San Mateo, CA, 1995.
4. [DJKD 01] Dickerson, J.E., Juslin, J., Koukousoula, O., Dickerson, J.A., “Fuzzy intrusion detection,” Joint 9th IFSA World Congress and 20th NAFIPS International Conference, 2001.
5. [FIST 98] Front-line Information Security Team (FIST), Network Security Solutions Ltd., “Techniques Adopted By ‘System Crackers’ When Attempting to Break Into Corporate or Sensitive Private Networks,” Dec 1998
http://www.ns2.co.uk/archive/FIST/papers/NSS-cracker.txt
6. [IPA 99] “IPAudit,” http://ipaudit.sourceforge.net/, 1999
7. [JLM 91] V. Jacobson, C. Leres, and S. McCanne, “tcpdump,” http://www.tcpdump.org/, 1991.
8. [MG 97] Michael J.A. Berry, Gordon S. Linoff, “Data Mining Techniques: for marketing, sales, and customer support,” John Wiley & Sons, Inc, 1997
9. [MG 00] Michael J.A. Berry, Gordon S. Linoff, “Mastering Data Mining, The Art & Science of Customer Relationship Management,” John Wiley & Sons, Inc, 2000
10. [SJG 99] Stuart McClure, Joel Scambray, George Kurtz, “Hacking Exposed: Network Security Secrets and Solutions,” Osborne/McGraw-Hill, 1999
11. [SK] 網路後門面面觀, http://buy.sky.net.cn/minisite/sc_horse_3.htm
12. [VM 99] “VMware,” http://www.vmware.com/, 1999
13. [W 02] William Stallings, “Cryptography and Network Security: Principles and Practice,” 3rd edition, Prentice-Hall, Inc., 2002
14. [WEKA 99] “Weka,” http://www.cs.waikato.ac.nz/ml/weka/, 1999
15. [WS 98] Wenke Lee and Salvatore J. Stolfo, “Data Mining Approaches for Intrusion Detection,” 7th USENIX Security Symposium, 1998.
http://www1.cs.columbia.edu/~sal/hpapers/USENIX/usenix.html
16. [WSM 99] Wenke Lee, Stolfo, S.J., Mok, K.W., “A data mining framework for building intrusion detection models,” Proceedings of the 1999 IEEE Symposium on Security and Privacy, 9-12 May 1999, pp. 120-132.
17. [WSM2 99] Wenke Lee, Salvatore J. Stolfo and Kui W. Mok, “Mining in a data-flow environment: Experience in network intrusion detection,” ACM SIGKDD 1999
18. [WS 00] Wenke Lee, Salvatore J. Stolfo, “A framework for constructing features and models for intrusion detection systems,” ACM SIGKDD 2000
19. [UCI] UCI Knowledge Discovery in Databases Archive, http://kdd.ics.uci.edu/
20. [YS 01] Yaw-Wen Huang and Shih-Kun Huang, “A Survey and Assessment of Network Mapping Methods and Techniques,” Information Security Newsletter, Mar 2001, Vol. 7, No. 2, pp. 52-75.
21. [ZP1 00] Zhang, Y. and Paxson, V., “Detecting Backdoors,” Proceedings of the 9th USENIX Security Symposium, Aug 2000, pp. 157-170.
22. [ZP2 00] Zhang, Y. and Paxson, V., “Detecting Stepping Stones,” Proceedings of the 9th USENIX Security Symposium, Aug 2000.
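Fulltext
This electronic full text is licensed to users only for personal, non-profit searching, reading and printing for academic research purposes. Please comply with the relevant provisions of the Copyright Act of the Republic of China, and do not reproduce, distribute, adapt, repost or broadcast it without authorization, so as not to violate the law.
Thesis access permission: not available on campus or off campus
Available:
Campus: never available
Off-campus: never available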


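Printed copies
Public information on printed theses is relatively complete from academic year 102 onward. To look up public information on printed theses from academic year 101 or earlier, please contact the printed thesis service desk of the Office of Library and Information Services. We apologize for any inconvenience.
Available: publicly available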
