淡江大學機構典藏:Item 987654321/114495
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 64178/96951 (66%)
造訪人次 : 9410738      線上人數 : 9314
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
    •  進階搜尋


    請使用永久網址來引用或連結此文件: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/114495


    題名: 攻擊程式出現預測 : 社群媒體(Twitter)情資分析應用
    其他題名: Prediction of real-world exploits : the use of social media (Twitter) analytics
    作者: 王妤平;Wang, Yu-Ping
    貢獻者: 淡江大學資訊管理學系碩士班
    鄭啟斌;Cheng, Chi-Bin
    關鍵詞: Bayes’ probability;classification;data imbalance;Decision tree;Machine learning;Support Vector Machine;Vulnerability;分類;支持向量機;決策樹;貝氏機率;資料不平衡;漏洞;機器學習
    日期: 2017
    上傳時間: 2018-08-03 14:54:28 (UTC+8)
    摘要: 隨著網路基礎設施普及以及資訊系統的廣泛使用,企業或組織曝露在資安風險的機率越來越高。而不時被揭露的軟硬體漏洞更提供了網路犯罪份子開發攻擊程式危害企業組織的管道。漏洞資訊及其討論經常透過網路論壇交流,在社群媒體興起後,更成為資安資訊交換的平台。本研究之目的即在於利用Twitter上發佈討論的漏洞訊息,提前發現可能會被網路罪犯利用開發並進行攻擊的漏洞。
    本研究除了收集Twitter上的漏洞資訊外,並參考其他資安資源以擴充對漏洞特性的描述;這些資安資源包括:美國國家漏洞數據庫、第三方漏洞平台( CVE Details與VULDB)、ExploitDB以及Microsoft Technet。本研究提出一個三階段的分類方法來預測一個漏洞被利用開發的機率,同時以k-means分群來調整樣本中正反案例的比例,以降低資料(類別)不平衡問題對預測準確度的影響。三階段分類的步驟為:(1)第一階段使用支持向量機(SVM)訓練分類器;(2)SVM測試結果中,被判定為會被實作攻擊碼者之案例,在第二階段用以訊練決策樹分類;(3) 決策樹測試結果為實作攻擊碼者,在第三階段計算其貝氏機率,以作為企業防禦或廠商開發修補程式之依據。
    As the growth and completeness of networking infrastructure and the popularity of information systems, enterprises and organizations are greatly exposed under information security risk. Software and hardware vulnerabilities that are revealed frequently provide a convenient way for cyber criminals to exploit and attack enterprises or organizations. The publications and discussions of vulnerabilities are frequently found on internet forums; social media have become major platforms for such information exchange after their popularity. The goal of this study is to utilize messages on Twitter regarding vulnerabilities to assess the probability that a vulnerability will be exploited in the real-world.
    Beside messages on Twitter, information security resources are also used to extract the features of a vulnerability; these resources include: National Vulnerability Database, CVE Details, VulDB, ExploitDB and Microsoft Technet. The study proposes a three-stage classification model to predict the probability that a vulnerability will be exploited, and employs the k-means clustering to adjust the ratio between the positive and negative instances in the sample to alleviate the data (class) imbalance problem during training. The steps of the three-stage classifier are: (1) using support vector machine (SVM) at the first stage training; (2) at the second stage, those instances that are classified as exploited in the testing sample by SVM are further used as training sample of the decision tree classification; (3) the third stage compute the Bayes’ probabilities of those instances which are classified as exploited by decision tree in the testing result. The resulting Bayes’ probabilities serve as a reference for enterprises or vendors to take an appropriate action to a vulnerability.
    顯示於類別:[資訊管理學系暨研究所] 學位論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML247檢視/開啟

    在機構典藏中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋