패킷 로그 분석을 통한 Snort 규칙 추천 기법 연구
|dc.description.abstract||Recently, as using of network service systems providing various services, such as FTP increases, attacks of hacker on them having vulnerabilities are increasing. Thus we need various security tools for detecting and preventing attacks. A IDS(Intrusion Detection System) being one of security tools detects external attacks by using rules for intrusion detection. Because applying whole of rules at a IDS consumes many resources and decrease speed of services, users of IDS need knowledge of security experts to properly configure rules at a IDS. To overcome these problems, this thesis proposes the system recommending Snort rules through packet log analysis. For this, firstly, the proposed system structures Snort rules and analyzes packet log generated from network service systems by using structured rule data. Secondly, the proposed system recommends proper rules based on the result of analysis. Finally, the proposed system applies recommended rules at Snort and removes them from Snort. The proposed system has an advantage of managing rules at Snort automatically and efficiently without knowledge of security experts.||-|
|dc.description.tableofcontents||1장 서 론 1 2장 관련 연구 3 2.1 침입 탐지 시스템 3 2.2 Snort 5 2.3 Snort 규칙 6 3 장 Snore 규칙 추천 시스템의 설계 및 구현 13 3.1 Snort 규칙 구조화 모듈 13 3.2 패킷 로그 분석 모듈 25 3.3 규칙 추천 모듈 32 4 장 시스템 검증 37 5 장 결론 및 향후 과제 46 참고문헌 47||-|
|dc.title||패킷 로그 분석을 통한 Snort 규칙 추천 기법 연구||-|
|dc.title.alternative||Snort Rule Recommendation Technique through Packet Log Analysis||-|
Items in Repository are protected by copyright, with all rights reserved, unless otherwise indicated.