KIPS Transactions on Software and Data Engineering

Korean Title (translated): A Comparative Study of Machine Learning Algorithms Using the LID-DS Data Set
English Title: A Comparative Study of Machine Learning Algorithms Using LID-DS DataSet
Author: Park DaeKyeong, Ryu KyungJoon, Shin DongIl, Shin DongKyoo, Park JeongChan, Kim JinGoog
Citation: VOL 10 NO. 03 PP. 0091 ~ 0098 (2021. 03)
Korean Abstract (translated)
As information and communication technology develops rapidly today, the importance of security in IT infrastructure has grown, and at the same time sophisticated and varied forms of cyber attack, such as the Advanced Persistent Threat, are increasing. Defending against or predicting increasingly sophisticated cyber attacks at an early stage is a very important matter, and many cases have been reported in which analysis of NIDS (Network-based Intrusion Detection System) related data alone fails to defend against rapidly mutating cyber attacks. Therefore, data generated by intrusion detection systems is currently used to defend against such cyber attacks through HIDS (Host-based Intrusion Detection System) data analysis. In this paper, we carried out a comparative study of machine learning algorithms using LID-DS (Leipzig Intrusion Detection-Data Set) host-based intrusion detection data, which includes the thread information, metadata, and buffer data missing from previously used data sets. The algorithms used were Decision Tree, Naive Bayes, MLP (Multi-Layer Perceptron), Logistic Regression, LSTM (Long Short-Term Memory model), and RNN (Recurrent Neural Network). For evaluation, the Accuracy, Precision, Recall, and F1-Score metrics and the error rate were measured. As a result, the LSTM algorithm had the highest accuracy.
English Abstract
Today's information and communication technology is rapidly developing, the security of IT infrastructure is becoming more important, and at the same time, cyber attacks of various forms are becoming more advanced and sophisticated like intelligent persistent attacks (Advanced Persistent Threat). Early defense or prediction of increasingly sophisticated cyber attacks is extremely important, and in many cases, the analysis of network-based intrusion detection systems (NIDS) related data alone cannot prevent rapidly changing cyber attacks. Therefore, we are currently using data generated by intrusion detection systems to protect against cyber attacks described above through Host-based Intrusion Detection System (HIDS) data analysis. In this paper, we conducted a comparative study on machine learning algorithms using LID-DS (Leipzig Intrusion Detection-Data Set) host-based intrusion detection data including thread information, metadata, and buffer data missing from previously used data sets. The algorithms used were Decision Tree, Naive Bayes, MLP (Multi-Layer Perceptron), Logistic Regression, LSTM (Long Short-Term Memory model), and RNN (Recurrent Neural Network). Accuracy, precision, recall, F1-Score indicators and error rates were measured for evaluation. As a result, the LSTM algorithm had the highest accuracy.
Keyword: Machine Learning, Host-based Intrusion Detection System (HIDS), Network-based Intrusion Detection System (NIDS), LID-DS