簡易檢索 / 詳目顯示

回結果列表
研究生: 王韋翔
Wei-Siang Wang
論文名稱: 用於P4交換機中偵測網路攻擊的決策樹劃分演算法
Decision tree partition algorithm for network attacks detection on P4 Switch
指導教授: 沈上翔
Shan-Hsiang Shen
口試委員: 沈中安
Chung-An Shen
黃琴雅
Chin-Ya Huang
沈上翔
Shan-Hsiang Shen
學位類別: 碩士
Master
系所名稱: 電資學院 - 資訊工程系
Department of Computer Science and Information Engineering
論文出版年: 2022
畢業學年度: 110
語文別: 英文
論文頁數: 29
中文關鍵詞: P4決策樹
外文關鍵詞: P4, Decision tree
相關次數: 點閱:211下載:3
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 隨著網路與通訊技術蓬勃發展,在越來越多的網路活動下,伴隨著利益的犯罪所導致的惡意攻擊也不絕於耳。惡意攻擊使得使用者與業者蒙受巨大的損失。因此,網路安全就成為了一項重要的議題。

    在本文中,我們提出了一種演算法,該演算法能夠妥善的分配決策樹節點至P4交換機中,進而達成利用決策樹偵測網路攻擊,來達成更高的安全性以及更低的傳輸延遲。我們設計了不同的樹節點分配方法,以及不同的尋找替代路徑方法,將兩者結合來達成我們的目標。

    With the booming of internet and communication technology, there are more and more malicious attacks caused by the crime of interest along with the increasing internet activities. Malicious attacks cause huge losses to users and operators. Therefore, network security has become an important issue.

    In this paper, we propose an algorithm that can properly allocate decision tree nodes to P4 switches to achieve higher security and lower transmission latency by using decision trees to detect network attacks. We design different tree node allocation methods and different alternative path finding methods, and combine them to achieve our goal.

    論文口試委員審定書 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i 論文口試委員審定書 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii 中文摘要 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iii Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iv Acknowledegment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v Table of contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi List of Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 Related Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1 Cyberattack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2 Machine learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.3 P4: Programming protocol-independent packet processors . . . . . . . . 7 3 Problem Definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.1 System Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.2 Design Goals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 4 System Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.2 Tree Nodes Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 4.2.1 Place by Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . 13 4.2.2 Place Averagely . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 4.3 Finding Alternative Path . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.3.1 Finding from Start . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.3.2 Finding from Previous Switch of the Smallest One . . . . . . . . 14 5 Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 5.1 Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 5.2 Success Rate and Utilization . . . . . . . . . . . . . . . . . . . . . . . . 17 5.2.1 Nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 5.2.2 Node Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.2.3 Flows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 5.2.4 Tree Nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.3 Real-World Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 6 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 6.1 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

    [1] M. Srivastava, Prerna Raj, “Feature extraction for enhanced malware detection using
    genetic algorithm,” International Journal of Engineering Technology, vol. 7, no. 2.8,
    p. 444, 2018.
    [2] S. Zargari and D. Voorhis, “Feature selection in the corrected kdd-dataset,” in 2012
    Third International Conference on Emerging Intelligent Data and Web Technologies,
    pp. 174–180, IEEE, 2012.
    [3] Impera. Research Labs, “2019 global ddos threat landscape report.”
    https://www.imperva.com/resources/resource-library/
    reports/global-ddos-threat-landscape/, 2019.
    [4] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford,
    S. Shenker, and J. Turner, “Openflow: enabling innovation in campus networks,”
    ACM SIGCOMM computer communication review, vol. 38, no. 2, pp. 69–74, 2008.
    [5] G. A. Jaafar, S. M. Abdullah, and S. Ismail, “Review of recent detection methods for
    http ddos attack,” Journal of Computer Networks and Communications, vol. 2019,
    2019.
    [6] G. Cusack, O. Michel, and E. Keller, “Machine learning-based detection of ransomware using sdn,” in Proceedings of the 2018 ACM International Workshop on
    Security in Software Defined Networks & Network Function Virtualization, pp. 1–6,
    2018.
    [7] C. Li, Y. Wu, X. Yuan, Z. Sun, and W. Wang, “Ddos attack detection and defense
    based on hybrid deep learning model in sdn,” Journal on Communications, vol. 39,
    no. 7, pp. 176–187, 2018.
    [8] C. Li, Y. Wu, X. Yuan, Z. Sun, W. Wang, X. Li, and L. Gong, “Detection and
    defense of ddos attack–based on deep learning in openflow-based sdn,” International
    Journal of Communication Systems, vol. 31, no. 5, p. e3497, 2018.
    [9] Y.-C. Cheng and P.-C. Wang, “Packet classification using dynamically generated
    decision trees,” IEEE Transactions on Computers, vol. 64, no. 2, pp. 582–586, 2013.
    [10] P. Bosshart, D. Daly, G. Gibb, M. Izzard, N. McKeown, J. Rexford, C. Schlesinger,
    D. Talayco, A. Vahdat, G. Varghese, et al., “P4: Programming protocol-independent
    packet processors,” ACM SIGCOMM Computer Communication Review, vol. 44,
    no. 3, pp. 87–95, 2014.
    [11] M. A. Siddiqui, Data mining methods for malware detection. University of Central
    Florida, 2008.
    [12] M. Musiol, “Speeding up deep learning computational aspects of machine learning,”
    01 2016.
    [13] Y.-Y. Song and L. Ying, “Decision tree methods: applications for classification and
    prediction,” Shanghai archives of psychiatry, vol. 27, no. 2, p. 130, 2015.
    [14] T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho, “Deep recurrent neural network for intrusion detection in sdn-based networks,” in 2018 4th
    IEEE Conference on Network Softwarization and Workshops (NetSoft), pp. 202–206,
    IEEE, 2018.
    [15] S. Knight, H. X. Nguyen, N. Falkner, R. Bowden, and M. Roughan, “The internet
    topology zoo,” IEEE Journal on Selected Areas in Communications, vol. 29, no. 9,
    pp. 1765–1775, 2011.
    [16] H. Wang, R. Soule, H. T. Dang, K. S. Lee, V. Shrivastav, N. Foster, and H. Weath- ´
    erspoon, “P4fpga: A rapid prototyping framework for p4,” in Proceedings of the
    Symposium on SDN Research, pp. 122–135, 2017.
    [17] The P4 Language Consortium, “P416 language specification.”
    https://p4.org/wp-content/uploads/2022/09/P4_16_
    -Language-Specification.html, 2022.
    [18] The P4.org API Working Group, “P4runtime specification.” https://p4.org/
    p4-spec/p4runtime/v1.3.0/P4Runtime-Spec.html, 2020.

    無法下載圖示
    全文公開日期 2027/09/28 (校外網路)
    全文公開日期 2027/09/28 (國家圖書館:臺灣博碩士論文系統)
    QR CODE