한국해양대학교

Detailed Information

Metadata Downloads

패킷 로그 분석을 통한 Snort 규칙 추천 기법 연구

Title
패킷 로그 분석을 통한 Snort 규칙 추천 기법 연구
Alternative Title
Snort Rule Recommendation Technique through Packet Log Analysis
Author(s)
박근우
Issued Date
2011
Publisher
한국해양대학교
URI
http://kmou.dcollection.net/jsp/common/DcLoOrgPer.jsp?sItemId=000002176102
http://repository.kmou.ac.kr/handle/2014.oak/10441
Abstract
Recently, as using of network service systems providing various services, such as FTP increases, attacks of hacker on them having vulnerabilities are increasing. Thus we need various security tools for detecting and preventing attacks. A IDS(Intrusion Detection System) being one of security tools detects external attacks by using rules for intrusion detection. Because applying whole of rules at a IDS consumes many resources and decrease speed of services, users of IDS need knowledge of security experts to properly configure rules at a IDS. To overcome these problems, this thesis proposes the system recommending Snort rules through packet log analysis. For this, firstly, the proposed system structures Snort rules and analyzes packet log generated from network service systems by using structured rule data. Secondly, the proposed system recommends proper rules based on the result of analysis. Finally, the proposed system applies recommended rules at Snort and removes them from Snort. The proposed system has an advantage of managing rules at Snort automatically and efficiently without knowledge of security experts.
Appears in Collections:
컴퓨터공학과 > Thesis
Files in This Item:
000002176102.pdf Download

Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.

Browse