• Aucun résultat trouvé

A Cooperative and Hybrid Network Intrusion Detection Framework in Cloud Computing Based on Snort and Optimized Back Propagation Neural Network

N/A
N/A
Info
Télécharger
Protected

Academic year: 2021

Partager "A Cooperative and Hybrid Network Intrusion Detection Framework in Cloud Computing Based on Snort and Optimized Back Propagation Neural Network"

Copied!
3
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

Procedia Computer Science 83 ( 2016 ) 1200 – 1206

1877-0509 © 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

Peer-review under responsibility of the Conference Program Chairs doi: 10.1016/j.procs.2016.04.249

ScienceDirect

Available online at www.sciencedirect.com

7KHQG,QWHUQDWLRQDO:RUNVKRSRQ0RELOH&ORXG&RPSXWLQJ6\VWHPV0DQDJHPHQWDQG 6HFXULW\0&606

$&RRSHUDWLYHDQG+\EULG1HWZRUN,QWUXVLRQ'HWHFWLRQ)UDPHZRUN LQ&ORXG&RPSXWLQJ%DVHGRQ6QRUWDQG2SWLPL]HG%DFN

3URSDJDWLRQ1HXUDO1HWZRUN

=&KLED1$EJKRXU.0RXVVDLG$(ORPUL05LGD

7HDPRI0RGHOLQJDQG2SWLPL]DWLRQRIPRELOHVHUYLFHV)DFXOW\RI6FLHQFHV+DVVDQ,,8QLYHUVLW\RI&DVDEODQFD&DVDEODQFD0RURFFR

$EVWUDFW

&ORXG FRPSXWLQJ SURYLGHV D IUDPHZRUN IRU VXSSRUWLQJ HQG XVHUV HDVLO\ DWWDFKLQJ SRZHUIXO VHUYLFHV DQG DSSOLFDWLRQV WKURXJK ,QWHUQHW7RJLYHVHFXUHDQGUHOLDEOHVHUYLFHVLQFORXGFRPSXWLQJHQYLURQPHQWLVDQLPSRUWDQWLVVXH3URYLGLQJVHFXULW\UHTXLUHV PRUH WKDQ XVHU DXWKHQWLFDWLRQ ZLWK SDVVZRUGV RU GLJLWDO FHUWLILFDWHV DQG FRQILGHQWLDOLW\ LQ GDWD WUDQVPLVVLRQ EHFDXVH LW LV YXOQHUDEOHDQGSURQHWRQHWZRUNLQWUXVLRQVWKDWDIIHFWFRQILGHQWLDOLW\DYDLODELOLW\DQGLQWHJULW\ RI&ORXGUHVRXUFHVDQGRIIHUHG VHUYLFHV 7R GHWHFW 'R6 DWWDFN DQG RWKHU QHWZRUNOHYHO PDOLFLRXVDFWLYLWLHVLQ &ORXG XVH RI RQO\ WUDGLWLRQDO ILUHZDOOLV QRW DQ HIILFLHQWVROXWLRQ,QWKLVSDSHUZHSURSRVHDFRRSHUDWLYHDQGK\EULGQHWZRUNLQWUXVLRQGHWHFWLRQ V\VWHP&+1,'6WRGHWHFW QHWZRUNDWWDFNVLQWKH&ORXGHQYLURQPHQWE\PRQLWRULQJQHWZRUNWUDIILFZKLOHPDLQWDLQLQJSHUIRUPDQFHDQGVHUYLFHTXDOLW\,Q RXU1,'6IUDPHZRUNZHXVH6QRUWDVDVLJQDWXUHEDVHGGHWHFWLRQWRGHWHFWNQRZQDWWDFNVZKLOHIRUGHWHFWLQJQHWZRUNDQRPDO\

ZHXVH%DFN3URSDJDWLRQ1HXUDOQHWZRUN%31%\DSSO\LQJVQRUWSULRUWRWKH%31FODVVLILHU%31KDVWRGHWHFWRQO\XQNQRZQ DWWDFNV 6R GHWHFWLRQ WLPH LV UHGXFHG 7R VROYH WKH SUREOHP RI VORZ FRQYHUJHQFH RI %31 DQG EHLQJ HDV\ WR IDOO LQWR ORFDO RSWLPXPZHSURSRVHWRRSWLPL]HWKHSDUDPHWHUVRILWE\XVLQJDQRSWLPL]DWLRQDOJRULWKPLQRUGHUWRHQVXUHKLJKGHWHFWLRQUDWH KLJKDFFXUDF\ORZIDOVHSRVLWLYHVDQGORZIDOVHQHJDWLYHVZLWKDIIRUGDEOHFRPSXWDWLRQDOFRVW,QDGGLWLRQLQWKLVIUDPHZRUNWKH ,'6V RSHUDWH LQ FRRSHUDWLYH ZD\ WR RSSRVH WKH 'R6 DQG ''R6 DWWDFNV E\ VKDULQJ DOHUWV VWRUHG LQ FHQWUDO ORJ ,Q WKLV ZD\

XQNQRZQDWWDFNVWKDWZHUHGHWHFWHGE\DQ\,'6FDQHDVLO\EHGHWHFWHGE\RWKHUV,'6V7KLVDOVRKHOSVWRUHGXFHFRPSXWDWLRQDO FRVWIRUGHWHFWLQJLQWUXVLRQVDWRWKHUV,'6DQGLPSURYHGHWHFWLRQUDWHLQRYHUDOOWKH&ORXGHQYLURQPHQW

‹7KH$XWKRUV3XEOLVKHGE\(OVHYLHU%9

3HHUUHYLHZXQGHUUHVSRQVLELOLW\RIWKH&RQIHUHQFH3URJUDP&KDLUV

.H\ZRUGV&ORXGFRPSXWLQJ1HWZRUNLQWUXVLRQGHWHFWLRQ%DFNSURSDJDWLRQQHXUDOQHWZRUN6QRUW2SWLPL]DWLRQDOJRULWKP

=RXKDLU&KLED7HO (PDLODGGUHVVFKLED]RXKDLU#JPDLOFRP

© 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

Peer-review under responsibility of the Conference Program Chairs

(2)

1201 Z. Chiba et al. / Procedia Computer Science 83 ( 2016 ) 1200 – 1206

,QWURGXFWLRQ

&ORXGFRPSXWLQJ&&LVUDSLGO\JURZLQJFRPSXWDWLRQDOPRGHOLQWRGD\µV,7ZRUOG,WGHOLYHUVFRQYHQLHQWRQ GHPDQG QHWZRUN DFFHVV WR D VKDUHG SRRO RI FRQILJXUDEOH FRPSXWLQJ UHVRXUFHV HJ 1HWZRUNV VHUYHUV VWRUDJH DSSOLFDWLRQVHWF³DVVHUYLFH´RQWKHLQWHUQHWIRUVDWLVI\LQJFRPSXWLQJGHPDQGRIXVHUV

$UHFHQWVXUYH\SHUIRUPHGE\&ORXG6HFXULW\$OOLDQFH&6$ ,(((LQGLFDWHVWKDWHQWHUSULVHVDFURVVVHFWRUV DUHHDJHUWRDGRSWFORXGFRPSXWLQJEXWWKDWVHFXULW\DUHQHHGHGERWKWRDFFHOHUDWHFORXGDGRSWLRQRQDZLGHVFDOH DQG WR UHVSRQG WR UHJXODWRU\ GULYHUV 2QH RI PDMRU VHFXULW\ LVVXHV LQ &ORXG LV WR GHWHFW DQG SUHYHQW QHWZRUN LQWUXVLRQV VLQFH WKH QHWZRUN LV WKH EDFNERQH RI &ORXG DQG KHQFH YXOQHUDELOLWLHV LQ QHWZRUN GLUHFWO\ DIIHFW WKH VHFXULW\RI&ORXG/0DUWLIURP&\EHU6HFXULW\GLYLVLRQVWDWHGWKDWPDLQFRQFHUQDIWHUGDWDVHFXULW\LVDQLQWUXVLRQ GHWHFWLRQDQGSUHYHQWLRQLQWKH&ORXG

7KHUHDUHSULQFLSDOO\WZRW\SHVRIWKUHDGVLQVLGHUDWWDFNHUVZLWKLQD&ORXGQHWZRUNDQGRXWVLGHUDWWDFNHUVRXWVLGH WKH&ORXGQHWZRUNFRQVLGHUHGLQ&ORXG1HWZRUN

x ,QVLGHU DWWDFNHUV $XWKRUL]HG &ORXG XVHUV PD\ DWWHPSW WR JDLQ DQG PLVXVH XQDXWKRUL]HG SULYLOHJHV ,QVLGHUVPD\FRPPLWIUDXGVDQGGLVFORVHLQIRUPDWLRQWRRWKHURUPRGLI\LQIRUPDWLRQLQWHQWLRQDOO\7KLV SRVHVDVHULRXVWUXVWLVVXH)RUH[DPSOHDQLQWHUQDO'R6DWWDFNGHPRQVWUDWHGDJDLQVWWKH$PD]RQ(ODVWLF

&RPSXWH&ORXG(&

x 2XWVLGHUDWWDFNHUV FDQ EH FDOOHG DVWKHQHWZRUN DWWDFNHUVZKR DUHDEOH WR SHUIRUP GLIIHUHQWDWWDFNV DV ,3 VSRRILQJ $GGUHVV 5HVROXWLRQ 3URWRFRO $53 VSRRILQJ '16 SRLVRQLQJ PDQLQWKHPLGGOH 'HQLDO RI 6HUYLFH 'RV'LVWULEXWHG 'HQLDO RI VHUYLFH ''R6 DWWDFNV SKLVKLQJ DWWDFN XVHU WR URRW DWWDFN 3RUW VFDQQLQJ DWWDFN RQ YLUWXDO PDFKLQH 90 RU K\SHUYLVRU VXFK %/8(3,// DQG '.60 WKURXJK ZKLFK KDFNHUV FDQ EH DEOH WR FRPSURPLVH LQVWDOOHGK\SHUYLVRU WR JDLQ FRQWURO RYHU WKH KRVW %DFNGRRU FKDQQHO DWWDFNVHWF

7KHVH DWWDFNV DIIHFW WKH LQWHJULW\ FRQILGHQWLDOLW\ DQG DYDLODELOLW\ RI &ORXGUHVRXUFHV DQG RIIHUHG VHUYLFHV 7R DGGUHVV DERYH LVVXHV PDMRU &ORXG SURYLGHUV OLNH $PD]RQ (&& :LQGRZ $]XUH 5DFN 6SDFH (XFDO\SWXV 2SHQ 1HEXODHWFXVHWKHILUHZDOO)LUHZDOOSURWHFWVWKHIURQWDFFHVVSRLQWVRIV\VWHPDQGLVWUHDWHGDVWKHILUVWOLQHRI GHIHQVH$VILUHZDOOVQLIIVWKHQHWZRUNSDFNHWVRQO\DWWKHERXQGDU\RIDQHWZRUNLQVLGHUDWWDFNVFDQQRWEHGHWHFWHG E\LW)HZ'R6RU''R6DWWDFNVDUHWRRFRPSOH[WRGHWHFWXVLQJWUDGLWLRQDOILUHZDOO)RUH[DPSOHLIWKHUHLVDQ DWWDFNRQSRUWZHEVHUYLFHILUHZDOOFDQQRWGLIIHUHQWLDWHQRUPDODQGOHJLWLPDWHWUDIILFIURP'R6DWWDFNWUDIILF 7KXV XVH RI RQO\ WUDGLWLRQDO ILUHZDOO WR EORFN DOOWKH LQWUXVLRQVLVQRWDQ HIILFLHQW VROXWLRQ $QRWKHU VROXWLRQ LV WR GHSOR\QHWZRUNEDVHGLQWUXVLRQGHWHFWLRQV\VWHP1,'6LQ&ORXGFRPSXWLQJ1,'6FDSWXUHVWKHQHWZRUNSDFNHWV DQGDSSOLHVLQWUXVLRQGHWHFWLRQWHFKQLTXHVRQFDSWXUHGSDFNHWVLQRUGHUWRGHWHFWQHWZRUNVDWWDFNV

2XUFRQWULEXWLRQ

:HSURSRVHDQHZVHFXULW\ IUDPHZRUNWKDWLQWHJUDWHVDFRRSHUDWLYHDQGK\EULG1,'6WR&ORXGRIIHULQJ,DDV :HGHSOR\RXU&+1,'6DWWKH)URQWHQGRQ&ORXG&RQWUROOHUDVZHOODVDWRQ%DFNHQGRQHDFKSURFHVVLQJVHUYHU KRVWLQJ 90 LQ RUGHU WR GHWHFW ERWK LQWHUQDO DQG H[WHUQDO QHWZRUN LQWUXVLRQV LQ &ORXG (QYLURQPHQW ,Q WKLV IUDPHZRUNZHXVHERWKWKHWHFKQLTXHVVLJQDWXUHEDVHGGHWHFWLRQDQGDQRPDO\EDVHGGHWHFWLRQ6QRUWDVDVLJQDWXUH EDVHG GHWHFWLRQ LV XVHGWR GHWHFW NQRZQ DWWDFNV ZKLOH IRUGHWHFWLQJQHWZRUN DQRPDO\ ZH XVH DQ RSWLPL]HG %DFN 3URSDJDWLRQ1HXUDOQHWZRUN%316HYHUDOUHVHDUFKHUVXVHG%31DSSURDFKIRUGHWHFWLRQLQWUXVLRQDWWDFNVEHFDXVH LW KDV VKRZQ JRRG FDSDELOLW\ LQ GHWHFWLQJ DWWDFNV %XW DFFRUGLQJ WR PDQ\ UHVHDUFKHV %31 KDV WKH IROORZLQJ ZHDNQHVVHV

x 6ORZGHWHFWLRQVSHHG x /RZGHWHFWLRQDFFXUDF\

x (DV\WRIDOOLQWRORFDOPLQLPXPYDOXH x 6ORZFRQYHUJHQFHVSHHG

,QRUGHUWRVROYHWKHSUREOHPVDERYHZHSURSRVHWRRSWLPL]HWKH%31E\XVLQJDQRSWLPL]DWLRQDOJRULWKP

&RPELQLQJ VLJQDWXUH EDVHG GHWHFWLRQ DQG DQRPDO\ GHWHFWLRQ LQ RXU 1,'6 PRGXOH LPSURYHV GHWHFWLRQ DFFXUDF\

VLQFH WKH\ DUH FRPSOLPHQWLQJ HDFK RWKHU ,Q DGGLWLRQ WKH VLJQDWXUH EDVHG GHWHFWLRQ WHFKQLTXH LV DSSOLHG SULRU WR DQRPDO\ GHWHFWLRQ ZKLFK UHGXFHV WKH FRPSXWDWLRQDO FRVW %31 FODVVLILHU KDV WR GHWHFW RQO\ XQNQRZQ DWWDFNV EHFDXVHNQRZQDWWDFNVDUHDOUHDG\GHWHFWHGE\6QRUWDQGGHQLHG%\XVLQJFHQWUDOORJRIPDOLFLRXVSDFNHWVGHWHFWHG

(3)

Références

Télécharger maintenant ( PDF - 3 Page - 164.67 KB )

Documents relatifs

A hybrid neural network model based an improved PSO and SA for bankruptcy prediction

Many studies compared the ANN performance to other models: The study elaborated by [10] examined the predictive ability of four most commonly used financial

PREDICTING TECHNOLOGY SUCCESS BASED ON PATENT DATA, USING A WIDE AND DEEP NEURAL NETWORK AND A RECURRENT NEURAL NETWORK

This method has been implemented using the USPTO Patent Database, with a comparative study of two Neural Networks: a Wide and Deep Neural Network and a Recurrent Neural Network,

Hybrid deep neural network anomaly detection system for SCADA networks

Our thesis objective is to propose an accurate anomaly detection system in terms of detection rate and false positive rate, and efficient in terms of processing time in SCADA

Quasi-optimized memorization and retrieval dynamics in sparsely connected neural network models

We have shown that for randomly chosen information the performance of optimized sparsely connected networks is quite superior to that of short-ranged lattice models as

Le tabac : un produit mortel - Canada.ca

Nouveau projet de loi visant à protéger les jeunes tout en permettant aux adultes d’accéder à des produits de substitution du tabac potentiellement moins nocifs PROTÉGER

A New Method of Transductive SVM-Based Network Intrusion Detection

Based on the existing Transductive SVM and via introducing smooth function P ( , )   to construct smooth cored unconstrained optimization problem, this article

A Hybrid Forecasting Framework with Neural Network and Time-Series Method for Intermittent Demand in Semiconductor Supply Chain

A Hybrid Forecasting Framework with Neural Network and Time-Series Method for Intermittent Demand in Semiconductor Supply Chain... As the primary prerequisite of capacity

Sticking Properties of Water Clusters

Indeed, at least under our experimental condi- tions, we find that the attachment cross sections of water molecules onto charged water clusters are always smaller than or equal to