The analysis of anomalous packets by data mining

• Main Authors: LU,KUN-YAN, 呂昆晏
• Other Authors: HONG,GUO-MING
• Format: Others
• Language: zh-TW
• Published: 2018
• Online Access: http://ndltd.ncl.edu.tw/handle/8m7279

碩士 === 開南大學 === 資訊學院碩士在職專班 === 106 === Malicious software still poses a great threat to cyber security and users. This paper focuses on further understanding the impact of malicious software on the information and hopes that the malicious software will be able to launch threats before launching the attack. Effective detection as a more effective preventive measure is mainly to avoid making the affected computer's affected disasters expand or cause irreparable situations. Therefore, the use of data mining technology in this paper to classify traffic has reduced the chance of computers being infected by malicious software. In this study, we will use Company A's system network architecture to use data mining technology to analyze network abnormal packets that are suspected to have been infected by malicious software. This will provide insight into the system and network after malicious software is invaded. The direct impact of the road, and then through the network of abnormal packets as the information obtained after the classification analysis, you can learn more about malicious software virus code transmission mechanism and attack methods and so on. However, malicious software has been deliberately adding noise, changing the length of the packet, or delaying sending the packet, which will make it difficult to analyze. In this research, malicious software intrusion and attacks will be simulated. After the computer is invaded, attack instructions or data instructions will be issued. The system that has been infected with malicious software will cause the system exception or abnormal network caused by the relevant intrusion and attack packets. After using network packets to capture software, abnormal traffic packets are collected and used for data analysis for data analysis.