淡江大學機構典藏:Item 987654321/102414
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 62830/95882 (66%)
Visitors : 4039346      Online Users : 767
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/102414


    Title: 運用軟體定義網路消弭網路攻擊初期災害
    Other Titles: Employing software-defined network to eliminate the early disaster of cyber attacks
    Authors: 黃翊宸;Huang, Yi-Chen
    Contributors: 淡江大學資訊管理學系碩士班
    梁德昭;Liang, Te-Chao
    Keywords: 軟體定義網路;OpenFlow;入侵偵測系統;Open vSwitch;OpenDaylight;SDN;IDS
    Date: 2014
    Issue Date: 2015-05-04 09:55:09 (UTC+8)
    Abstract: 在網路的世界中,防杜外部入侵與內部網路攻擊所造成的災害一向是重要的議題。如何有效的防範並減少網路攻擊成功的機會至關重要。早期通常仰賴入侵偵測或入侵防範系統來預警,如今有了軟體定義網路(SDN)的架構提出,使得原本的網路架構得以配合上自行開發之SDN應用程式能夠有效而及時的針對潛在的網路攻擊進行防衛及因應處置。

    本文將提出將IDS配合SDN應用程式自動化的構想,用以優化IDS或IPS告警程序並縮短網管人員進行防火牆等網路設備修訂網路政策所需時間,進而降低網路攻擊成功之機會,同時封鎖網路攻擊封包來源,使攻擊封包進網路交換器傳送前即被丟棄,從而大量減少網路攻擊封包所消耗的頻寬。
    In cyber world, it has been always an important issue that to prevent disasters from external intrusion as well as internal attacks. How to effectively prevent from cyber attacks or reduce the damage of a successful cyber attacks are then critical to be explored. Usually they are rely on intrusion detection or intrusion prevention systems for early warning, however, a software-defined network (SDN) architecture has been proposed such that a self-developed SDN application program can be employed to effectively defense and timely response to the potential network attack .

    In this article, a concept that using IDS application with SDN automation is proposed. It can optimize IDS/IPS alert procedures and shorten the time of amending network security policy on network equipments such as firewall and routers. It is supposed to reduce the possibility of a successful cyber attack than the usual way. Furthermore, SDN cooperated with Open Flow can also discard attack packets in advance before they can enter into network switch, this will reduce the bandwidth consumed by network attacks.
    Appears in Collections:[Graduate Institute & Department of Information Management] Thesis

    Files in This Item:

    File SizeFormat
    index.html0KbHTML266View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback