整合入侵偵測系統與活動目錄認證機制

機構典藏 > College of Engineering > Graduate Institute & Department of Computer Science and Information Engineering > Thesis > Item 987654321/52400

Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/52400

Title:	整合入侵偵測系統與活動目錄認證機制
Other Titles:	Integrating the intrusion detection system with authentication of active directory
Authors:	卓俞佑;Cho, Yu-yu
Contributors:	淡江大學資訊工程學系資訊網路與通訊碩士班陳瑞發
Keywords:	活動目錄;使用者認證;網路管控;入侵偵測系統;輕型目錄訪問協議;Active Directory;Authorization;IP/MAC Address Management;Intrusion Detection System;Lightweight Directory Access Protocol
Date:	2010
Issue Date:	2010-09-23 17:36:11 (UTC+8)
Abstract:	現今網路中，電腦設備的管控與防止網路非法入侵，越來越受重視，大多數的網路管理方法，只單對電腦IP/MAC address管理或是只有處理使用者認證，因為欠缺一個整合的管理機制，網路管理者無法即時得知使用者上線狀況與其IP/MAC address。因此，本論文以建立一個整合Active Directory目錄認證與IP/MAC Address為目標，能夠達到有效的管理使用者使用電腦網路資源的行為，即時管控使用者在使用電腦的行為，不讓非法的使用者擅自使用電腦。而當使用者嘗試猜測其他使用者密碼時，減少使用者猜測密碼次數，如果達到我們猜測密碼次數，我們將認定為非法使用者，並封鎖其IP Address，以達到管理人員管控系統之目的。 The computer management and Intrusion detection are more important in recent years. Most of the network managements are focus on either managing IP/MAC address or authentication, network administrator cannot bind users’ on-line status with its IP/MAC address in real time. In this thesis, we proposed an integrated Active Directory authentication to manage users’ behaviors including the IP/MAC address of computer. By using the proposed mechanism, if it can prevent the unauthenticated user logon computers. To catch the illegal user who is guessing password early is another concern of this thesis that. The network supervisor will block his host if the limited number of guessing password is over.
Appears in Collections:	[Graduate Institute & Department of Computer Science and Information Engineering] Thesis

Files in This Item:

File	Size	Format
index.html	0Kb	HTML	190	View/Open

Loading...