Author: 嚴和煜
Ho-yu Yen
Thesis Title: A Portable Intelligent Intrusion Detection System for Mobile Ad hoc Networks (用於MANET之可攜性智慧型入侵偵測系統)
Advisor: 馮輝文
Huei-wen Ferng
Committee: 黎碧煌
Bih-hwang Lee
Jeng-ji Huang
Degree: Master's
Department: College of Electrical Engineering and Computer Science - Department of Computer Science and Information Engineering
Thesis Publication Year: 2011
Graduation Academic Year: 99
Language: English
Pages: 27
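Keywords (translated from Chinese): Wireless Mobile Ad Hoc Network, Intrusion Detection, Finite State Machine, Support Vector Machine, Fuzzy Theory, Attack, Network Security.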
Keywords (in other languages): Wireless Ad Hoc Network, Intrusion Detection, Support Vector Machine (SVM), Finite State Machine (FSM), Fuzzy, Attack, Network Security.

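The Portable Intelligent Intrusion Detection System is a hybrid system for mobile ad hoc networks (MANETs). It combines a finite state machine (FSM), a support vector machine (SVM) and fuzzy theory to detect three attacks commonly seen in mobile ad hoc networks: IP/MAC spoofing, RREQ flooding and man-in-the-middle. From the standpoint of mobile ad hoc networks, we suggest building the Portable Intelligent Intrusion Detection System with low-complexity algorithms and a simple system architecture. The system can therefore be applied to mobile devices such as netbooks (ePC), notebook computers and tablets, and even smartphones. To realize these two characteristics, the system uses fuzzy theory to analyze the packets it receives and then hands the packets with low trust to the support vector machine for a second stage of analysis. This thesis describes every part of the Portable Intelligent Intrusion Detection System in detail. In particular, it also describes in detail how we implemented the method proposed in a journal paper, the problems encountered when applying it to a real network, and how we solved these problems and improved the system. Finally, we also ran a series of tests on the Portable Intelligent Intrusion Detection System.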

A Portable Intelligent Intrusion Detection System is a hybrid system for mobile ad hoc networks that combines three modules: Support Vector Machine, Fuzzy and Finite State Machine. It is used to detect three well-known kinds of intrusion in mobile ad hoc networks: the IP/MAC spoofing attack, the route request (RREQ) flooding attack and the Man-in-the-Middle attack. In view of the mobility of mobile ad hoc networks, we propose using uncomplicated algorithms and a simple system architecture to build the Portable Intelligent Intrusion Detection System. Hence, it can be applied to mobile devices such as ePCs, notebooks, etc., and even smartphones. To achieve these two characteristics, it uses the fuzzy set to process incoming network packets and extract the suspicious ones, which are passed to the Support Vector Machine for model training and classification. The thesis describes the components in the architecture of the Portable Intelligent Intrusion Detection System and their details. Particular attention is given to explaining how we implemented a proposal, what we observed in a real network and how we improved it by using the fuzzy set. Finally, a series of experiments is conducted to evaluate the performance of the proposed method.

1 Introduction
2 Related Work
  2.1 Mobile Ad hoc Network
  2.2 Support Vector Machine
  2.3 Fuzzy Set Theory
  2.4 A Joint Defense System in [8]
  2.5 Comparison with Our Design
3 Portable Intelligent Intrusion Detection System for Ad hoc Networks
  3.1 Implementation of Intrusion Detection System
    3.1.1 Requirements
    3.1.2 Testing Environment
    3.1.3 Results and Discussions
    3.1.4 Refinement
  3.2 A Portable Intelligent Intrusion Detection System
    3.2.1 Incorporation of Fuzzy Concept
    3.2.2 Architecture
4 Complexity Analysis
  4.1 Time Complexity
    4.1.1 Finite State Machine/Fuzzy System
    4.1.2 Support Vector Machine
  4.2 Complexity of Our Design
5 Performance Evaluation
6 Conclusion

[1] Lei, L., G. Zhi-ping, et al. (2010). Fuzzy Multi-class Support Vector Machine Based on Binary Tree in Network Intrusion Detection. Electrical and Control Engineering (ICECE), 2010 International Conference on.
[2] Guiling, Z., K. Yongzhen, et al. (2010). An Improvement of Payload-Based Intrusion Detection Using Fuzzy Support Vector Machine. Intelligent Systems and Applications (ISA), 2010 2nd International Workshop on.
[3] Wei, Z., T. Shaohua, et al. (2010). Fuzzy Multi-Class Support Vector Machines for cooperative network intrusion detection. Cognitive Informatics (ICCI), 2010 9th IEEE International Conference on.
[4] Ibrahim, M. M., N. Sadek, et al. (2009). Prevention of flooding attack in wireless ad-hoc AODV-based networks using Real-time Host Intrusion Detection. Wireless and Optical Communications Networks, 2009. WOCN ’09. IFIP International Conference on.
[5] Du, H., S. Teng, et al. (2009). Intrusion Detection Based on Fuzzy Support Vector Machines. Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC ’09. International Conference on.
[6] Wentao, L. (2009). Research on DoS Attack and Detection Programming. Intelligent Information Technology Application, 2009. IITA 2009. Third International Symposium on.
[7] Karthik, S., R. M. Bhavadharini, et al. (2008). Analyzing interaction between Denial of Service (DoS) attacks and threats. Computing, Communication and Networking, 2008. ICCCN 2008. International Conference on.
[8] Huei-Wen, F. and L. Chien-Liang (2006). Design of a Joint Defense System for Mobile Ad Hoc Networks. Vehicular Technology Conference, 2006. VTC 2006-Spring. IEEE 63rd.
[9] Martin, J., L. Manickam, et al. (2007). Fuzzy Based Trusted Ad Hoc On-demand Distance Vector Routing Protocol for MANET. Wireless and Mobile Computing, Networking and Communications, 2007. WiMOB 2007. Third IEEE International Conference on.
[10] Xun, W., Y. Wei, et al. (2007). Detecting worms via mining dynamic program execution. Security and Privacy in Communications Networks and the Workshops, 2007. SecureComm 2007. Third International Conference on.
[11] C. Perkins, E. Belding-Royer, and S. Das, “Ad hoc On-Demand Distance Vector (AODV) Routing,” Internet Draft, draft-ietf-manet-aodv.txt, 2003.
[12] Chun-Fu, L. and W. Sheng-De (2002). “Fuzzy support vector machines.” Neural Networks, IEEE Transactions on 13(2): 464-471.
[13] The network simulator – ns-2,
[14] An open source network intrusion prevention and detection system – SNORT,
[15] C. Chang and C. Lin, A Library for Support Vector Machines – LIBSVM, cjlin/libsvm/
[16] A free software based on AODV(RFC 3561) – UoBWinAODV,