(A) statistical approach to network detection on backbone links대규모 기간망에서의 네트워크 공격탐지를 위한 통계적 기법에 관한 연구

Cited 0 time in webofscience Cited 0 time in scopus
  • Hit : 519
  • Download : 0
DC FieldValueLanguage
dc.contributor.advisorKim, Se-Hun-
dc.contributor.advisor김세헌-
dc.contributor.authorKim, Min-Taek-
dc.contributor.author김민택-
dc.date.accessioned2011-12-14T04:07:19Z-
dc.date.available2011-12-14T04:07:19Z-
dc.date.issued2005-
dc.identifier.urihttp://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=243564&flag=dissertation-
dc.identifier.urihttp://hdl.handle.net/10203/40695-
dc.description학위논문(석사) - 한국과학기술원 : 산업공학과, 2005.2, [ ii, 45 p. ]-
dc.description.abstractSeveral network attacks, such as distributed denial of service (DDoS) attack, presents a very serious threat to the stability of the internet. The threat posed by network attacks on large networks, such as the internet, demands effective detection method. Therefore, a simple intrusion detection system on large-scale backbone network is needed for the sake of real-time detection, preemption and detection efficiency. In this paper, in order to discriminate attack traffic from legitimate traffic on backbone links, we suggest a relatively simple statistical measure, entropy, which can track value frequency. Because according to network attacks, there should be unusual value frequency in source IP, destination IP and destination port, we observe changes of entropy value for three selected packet attributes. In order to evaluate our detecting algorithm, we experimented with 2000 DARPA Intrusion Detection Scenario Specific Data Sets. The result shows that network attack packets show anomalies in entropy values of selected packet attributes. In other words, there is conspicuous distinction of entropy values between attack traffic and legitimate traffic. And also according to the type of the network attacks, there are significant differences of the entropy values. Therefore, we can identify what kind of attack it is as well as detecting the attack traffic using entropy value.eng
dc.languageeng-
dc.publisher한국과학기술원-
dc.subjectBackbone Links-
dc.subjectStatistical Approach-
dc.subjectDDoS-
dc.subjectIntrusion Detection-
dc.subjectShear testtical tail wingnspection-
dc.subject전단시험-
dc.subject압축시험-
dc.subject대규모 기간망 층간전단시험-
dc.subject통계적 기법-
dc.subject분산 서비스 공격-
dc.subject침입탐지-
dc.title(A) statistical approach to network detection on backbone links-
dc.title.alternative대규모 기간망에서의 네트워크 공격탐지를 위한 통계적 기법에 관한 연구-
dc.typeThesis(Master)-
dc.identifier.CNRN243564/325007 -
dc.description.department한국과학기술원 : 산업공학과, -
dc.identifier.uid020033088-
dc.contributor.localauthorKim, Se-Hun-
dc.contributor.localauthor김세헌-
Appears in Collection
IE-Theses_Master(석사논문)
Files in This Item
There are no files associated with this item.

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0