TTTN_ mạng nơ-ron

7/22/2019 TTTN_ mng n-ron

1/26

1

MC LC

Danh mc cc hnh ..................................................................................................... 2Li mu ................................................................................................................. 2Chng 1 Tng quan vtr tunhn to v mng n-ron ......................................... 3

1.1Tm hiu s lng vtr tunhn to .............................................................. 3111 Khi nim .................................................................................................. 31.1.2Phn loi .................................................................................................... 4

1.2 Mng n-ron nhn to ...................................................................................... 5121 tng sinh hc ....................................................................................... 5

Chng 2 Mng n-ron nhn to ............................................................................... 72.1 M hnh mng n-ron ...................................................................................... 72.2 Cu trc mng .................................................................................................. 82.3 Cu trc dliu : ............................................................................................102.4 Kiu hun luyn .............................................................................................112.5 Nguyn tc hun luyn ...................................................................................132.6 Tnh tng qut ha vi mng n-ron .............................................................13

Chng 3 Thut ton backpropagation ....................................................................153.1 Tng qut .......................................................................................................15

3.1.1 Cu trc ...................................................................................................153.1.2 Hun luyn mng trong thut ton Backpropagation .............................18

3.2 Hun luyn nhanh ..........................................................................................183.2.1 Gii thut thay i tc hhc .................................................................193.2.2 Gii thut phc hi thut ton Backpropagation ....................................19

Chng 4 Hthng pht hin xm nhp da trn mng n-ron .............................224.1 Hthng pht hin xm nhp (IDS) ..............................................................22

4.1.1 Network IDS ...........................................................................................224.1.2 Host IDS ..................................................................................................23


2/26

2

4.2 Hthng pht hin xm nhp da trn mng n- ron ( NNID) ....................244.3 nh gi vNNID .........................................................................................26

Kt lun ....................................................................................................................26Ti liu tham kho ....................................................................................................26

DANH MC CC HNHLI M U

Tr tunhn to hin ang l mt vn rt nng trn thgii. Vit Nam

ang trong qu trnh hi nhp vkinh tcng nh cng nghvi thgii nn cn

tm hiu cc cng nghvvn ny. Trong khun khbi thc tp em xin trnh

by ti tm hiu mng n-ron cng nh ng dng ca mng n-ron trong vic

pht hin xm nhp tri php.

Mng n-ron l mt phng php tr tunhn to mi ra i, vic p dng

mng n-ron vo thc tvn gp nhiu kh khn, song vic a mng n-ron vo

trong h thng pht hin xm nhp c nhiu nghin cu ca nhiu vin v

trng i hc ln trn thgii. Vic hot ng v xy dng mng n-ron nh th

no, hthng pht hin xm nhp da trn mng n-ron sra sao? ng dng thc

tc trin khai nh thno, hiu quthnghim ti u


3/26

3

CHNG 1TNG QUAN VTR TUNHN TO V MNG N-RON1.1Tm hiu s lng vtr tunhn to

Trc y, ngi ta ngh n vic ch to ra my mc thng minh

nh con ngi. y l mt lnh vc ca tr tunhn to v n chthc str

thnh mt ngnh khoa hc c sc sng sau khi my tnh in tc pht

minh. Ngy nay, tr tunhn to v ang c ng dng trong nhiu lnh

vc ca i sng hng ngy, lm cho my mc bit suy ngh v h trhoc

gii quyt vn thay cho con ngi.

1.1.1 Khi nimL tr tuc biu din bi bt cmt hthng nhn to no. Thut

ngny thng dng ni n cc may tnhc mc ch khng nht nh v

ngnh khoa ho cnghin cu vcc l thuyt v ng dng ca tr tunhn to.

Mt vi nh ngha khc nhau v tr tu nhn to:

Bellman (1978) nh ngha: tr tu nhn to l t ng ho cc hot

ng ph hp vi suy ngh con ngi, chng hn cc hot ng ra quyt nh,

gii bi ton..

Rich v Knight (1991) cho rng tr tu nhn tol lnh vc nghin cu

lm cho my tnh lm c nhng vic m con ngi ang lm tt hn.

Winston (1992) cho rng tr tu nhn tol lnh vc nghin cu cc tnh

ton my c th nhn thc, lp lun v tc ng.

Tr thng minh nhn to lin quan n cch c x, shc hi v kh

nng thch ng thng minh ca my mc. Cc v dng dng bao gm cc tc

viu khin, lp khoch v lp lch (scheduling), khnng tr li cc cu

hi vchn on bnh, tr li khch hng vcc sn phm ca mt cng ty,

nhn dng chvit tay, nhn dng ting ni v khun mt.


4/26

4

Ngy nay, cc hthng nhn to c dng thng xuyn trong kinh t,

y dc, cc ngnh k thut v qun s, cng nh trong ccphan memmy

tnh thng dng trong gia nh , tro chi ien t , quan o i va khoa ho c

1.1.2Phn loiTr tu nhn to chia thnh hai trng phi t duy: tr tu nhn to

truyn thng v Tr tutnh ton .

Tr tunhn totruyen thong : Cac phng phap hc my, c trng bi

hnh thc ha v phn tch thng k. Tr tunhn to truyn thng cn c

gi l tr tunhn to biu tng, tr tunhn to logic, tr tunhn to ngn

np v tr tunhn to cin. Cc phng php ca tr tunhn to truyn

thng gm: Hchuyn gia, p dng cc khnng suy lun a ra kt lun.

Mt hchuyn gia c thxl cc lng ln thng tin bit v a ra cc

kt lun da trn cc thng tin . Chng trnh trgip c hnh ci kp giy

Clippy ca Microsoft Office l mt v d. Khi ngi dng g phm, Clippy nhn

ra cc xu hng nht nh v a ra cc gi cho ngi dng...

Tr tunhan totnh toan nghien cu vic hc hoc pht trin lp. V d:

Tinh chnh tham s trong h thng. Cc phng php chnh gm: Phng

php mng neuron, phng php hm, phng php tnh ton tin ha.Con ngi pht trin hthng thng minh lai, trong kt hp chai

trng phi trn. Cc phng php tr tunhn to thng c dng trong

cc cng trnh nghin cu khoa hc nhn thc, mt ngnh ang cgng to ra

m hnh nhn thc ca con ngi. Tr tu nhn to hin vn ang tip tc

c nghin cu. cc quc gia pht trin, ngnh khoa hc ny lun c coi

l ngnh khoa hc mi nhn. Nhiu loi trang thit bqun shin c

ng dng tr tunhn to nh trong cc r-bt c thit kcho cc nhim vc bit, trong cc hthng m phng, iu khin v kh, trong UAV (my bay

khng ngi li)


5/26

5

1.2Mng n-ron nhn toMng n-ron nhn to ( Artificial Neuron Network) v ang l mt ch

c quan tm kh nhiu hin nay. Mng n-ron nhn to v ang c nhng

thnh cng trong nhiu lnh vc khc nhau nh ti chnh, y t, a cht , vt l Bi c tnh u vit ca mng n-ron nhn to vi t cch l mt htr tunhn

to m phng mt htr tu tnhin nhm a ra cc dbo, phn loi v iu

khin thit b Cc u im chnh ca mng n-ron nhn to chnh l

- Nng lc mng c m phng theo mng n-ron tnhin rt tinh vi, tyvo nhu cu x l m c th thc hin cc hm v tnh ton rt phc tp.

c bit mng n-ron c th thch nghi rt a dng vi cc loi u vo

khch nhau cphi tuyn ln tuyn tnh.- Mng n-ron nhn to c tnh hc cao v do to. Cc dnht l ngi s

dng thu thp cc dliu c trng ri cho mng hc theo, cao hn na c

thcho mng n-ron tthu thp cc d liu c trng v ta ra cc

trng sca ring mnh

- Tuy nhin mng n-ron cng i hi mt nn kin thc thng k v cngnghthng tin c thchn v sdng cc dliu mt cch hp l Hn

na vic p dng mng n-ron nhn to vo thc ti hi mt qu trnhthnghim t tnh ti udi.

Mng n-ron nhn to hot ng da trn vic m phng mt hthng n-

ron sinh hc trong c thsinh vt Trong tng lai vi skt hp ca cng ngh

sinh hc v cng ngh thng tin th c thxut hin nhng loi my tnh thng

minh mt cch tht s

1.2.1 tng sinh hcMng n-ron nhn to c m phng t mng n-ron sinh hc thng

thng thng qua cc nghin cu v tr tu nhn to. Mng n-ron nhn to c

gng hc theo cc bno c cu trc thp vkhnng hc cng nh chp nhn sai

ca hthng n-ron sinh hc.


6/26

6

Trong mt thi gian di th cc nh nghin cu cgng hc theo cch x

l v l lun ca cc bno cp cao nhng vn cha t c kt qunh mong

i nn vi vic l lun v cng nghn-ron ra i cho php to nn bc m,

rt ngn khong cch vi mt htr tunhn to thc s.

Bno ca cc sinh vt thng minh c rt nhiu n-ron, v dnh ca ngi

l khong ti 10 tn-ron Cc n-ron ny c nhng kt ni vi nhau m ctrung

bnh mi n-ron li c kt ni vi hng chc ngn n-ron khc to ra mt mi

quan hrt phc tp. Mi n-ron l mt tbo c bit c th truyn i v nhn

cc tn hiu tcc n-ron khc n-ron c cu trc l rvo, thn n-ron v rra.

Cc rcng c thgi l cc dy thn kinh cn cc n-ron l cc tbo thn kinh.

Khi mt n-ron hot ng n sto xa cc xung in chy dc theo cc dy thn

kinh qua ng ra ca chnh n-ron ny i n cc n-ron khc N-ron hot ng

khi v tt ccc tn hiu nhn c ng vo ca n thng qua dy thn kinh vt

qu mt ngng no .

Cng ttins hiu thu c ca n-ron phthuc vo nhy cm ca cc

dy thn kinh m n c kt ni v vic nh gi u tin cc dy thn kinh kt

ni n n-ron N-ron hc v thay i u tin ca cc kt ni n dy thn kinh

c tha ra kt lun. V dnh theo nhng th nghim vphn xc iukin ca cc sinh vt sau khi g chung l cho n th sau m t thi gian, cc sinh

vt ny nhanh chng c phn schy n ni c thc n sau khi nghe ting chung

bi v kt ni gia phn vno thnh gic v tuyn nc bt c u tin hn

Khi c ting chung vno thnh gic bkch thch v tuyn nc bt bt u hot

ng.

Do c ththng qua mt hay rt nhiu cc tn hiu n gin m mng n-

ron sinh vt thc hin a ra cc quyt nh no D nhin mi tn hiu in cc quyt nh cn qu trnh hc hi, thch nghi ca sinh vt v khng ch

thng qua mt vi n-ron m l mt con srt ln cc n-ron cng hot ng. Tuy

vy tr tunhn to da trn mng n-ron vo ang dn cgng tng dn v

quy m mng cng nh khnng kt ni t n vic m phng mt hn-ron

sinh vt hon chnh.


7/26

7

CHNG 2MNG N-RON NHN TO2.1M hnh mng n-ron

Cu trc tng qut ca mt n-ron

Cu trc tng qut mt n-ron

Gii thch k hiu:

Tp cc u vo: l cc tn hiu vo (input signal) ca nron, cc tn hiu

ny thng c a di dng vector N chiu

Tp cc lin kt: Mi lin kt c thhin bi mt trng s(gi l trng s

lin kt Synaptic weight) Thng thng cc trng s ny c khi to mt

cch ngu nhin thi im khi to mng v c cp nht lin tc trong qu

trnh hc mng.Btng (Summing function): thng dng tnh tng ca cc tch u vo

vi trng slin kt ca n

Ngng (cn gi l mt lchbias): Ngng ny thng c a vo

nh mt thnh phn ca hm truyn


8/26

8

Hm truyn (Transfer function): Hm ny c dng gii hn phm vi

u ra ca mi nron N nhn u vo l kt quca hm tng v ngng cho

u ra: L tn hiu u ra ca mi nron, vi mi nron sc ti a l mt

u ra

N-ron ny shot ng nh sau: gisn-ron c N u vo (x1 ti xn)

mi u vo c mt trng skhc nhau (w1 ti wn) th n-ron sly tng c trng

sca tt ccc u vo, nn ng truyn c trng scng ln th tn hiu qua

ng truyn scng nh hng nhiu ti u ra, sau n-ron ly kt quca

tng trn cng thm ngng ri a ra kt quti u ra

(

) Trong yk u ra ca n-ron k

- fk l hm truyn ca n-ron k- N l su vo- Xi l tn hiu ca u vo thi- Wi l trng sca u vo thi- Bk l ngng ca n-ron k2.2Cu trc mng

Mt mng n-ron nh ni bao gm nhiu n-ron nn ty vo s lng

n-ron c trong mng cng nh phc tp ca bi ton m c cc kin trc n-

ron ph hp c a ra l

Mng mt tng

Mng mt tng tc l cc n-ron trong mng sc xp ngang hng vi

nhau v cng tip nhn cc u vo vi cc trng skhc nhau. Nh vy mng

mt tng sc su ra chnh bng sn-ron ca mng, thng thng mng mt

tng c sdng cho nhng bi ton rt n gin cho php tip cn kin thc v

mng n-ron dng c bn nht


9/26

9

M hnh mng 1 lp.


10/26

10

Mng a tng

M hnh mng a tng

Mng n-ron a tng thng gm 3 lp : lp nhp, lp n, lp xut

Lp nhp ng vai tr nhp dliu v phn tch s bc thcoi nh mt

mng n-ron mt tng ring, u ra ca lp nhp chnh l u vo ca lp n

Lp n l lp x l quan trng nht ca mng n-ron, lp n thng bao

gm nhiu mng n-ron mt tng vi cc u ra ca hng ny l u vo ca hng

kia, slng mng n-ron mt tng trong lp n ty thuc vo phc tp ca bi

ton c xt ti.

Lp xut chnh l lp u ra ca mang n-ron cung cp kt qubi ton

c xt ti. Cc kt quny c c thng qua qu trnh xl ca lp n.

2.3Cu trc dliu :Cu trc dliu cng nh hng rt ln ti m hnh mng c xy dng,

thng thng dliu c a vo c hai dng l dliu ng thi v dliu xy

ra lin tc theo thi gian


11/26

11

Kiu dliu ng thi dxem xt hn khi xy ra m khng c hi tip hoc

trdo thtcc u vo khng quan trng v cc u vo khng nh hng ln

nhau.

Kiu u vo lin tc c mphng trong mng ng khi m th tccgi tru vo l v cng quan trng bi cc u vo c nh hng ln nhau v gi

tru ra thu c da trn sthay i v tng tc lin tc gia cc gi tru

vo, nu thay i thtu vo slm thay i dliu u ra

2.4Kiu hun luynMng n-ron c hai kiu hun luyn khc nhau l c gim st v khng c

gim st.

C gim st

Mng n-ron lp li qu trnh hun luyn cho ti khi t c kt qumong

mun tc l : ban u vi mt tp dliu sn c v mt tp kt qusn c c

thm nh th tin hnh cho mng n-ron hun luyn, qu trnh ny tin hnh thay

i trng sca cc d liu u vo ti khi t kt qumong mun th chng ta

thu c tp trng schun sdng

V dvbi ton tnh kt quphp hoc

Hai tham svo chnh l hai u vo dliu ca bi ton X1, X2

Hai u vo ny l u vo tnh nn khng cn phn bit tht

Z l kt qumong mun

W1 l trng sca u vo X1

W2 l trng sca u vo X2

Y l u ra

Delta l sai shin tai

Ct I.J ln lt chtrng sca u vo X1, X2 sau khi chnh sa


12/26

12

Cc cng thc p dng

W1 v W2 ban u ln lt bng 0,1 v 0,3

Ngng so snh l 0.5 nu tng c trng sln hn 0,5 th kt qutrvY

bng 1 v ngc li nu tng c trng snhhn hoc bng 0,5 th kt qutrv

bng 0

Delta c tnh bng ch mong mun Z tri kt quY

Trng ssau hiu chnh ct I, J c tnh theo cng thc W sau = W u

+ alpha*Xi*delta

y alpha tng trng cho tc thay i trng s tc l tc hun

luyn v c ly bng 0,2


13/26

13

Nh trn sau 4 ln lp li th n-ron thc hin cho ra p n chnh xc

php ton OR vi cc u vo. Nu thay i alpha th tc sln lp li sthay i

chng hn vi alpha bng 0,1 th ta cn 6 ln lp li.

Hc khng c gim st

Mng nron ch nhn c mt tp hp cc u vo t mi trng bn

ngoi. N c vb n tng tng nhng g cc mng c thc thhc hi t

thit lp mt chsu vo. Tuy nhin, c thchnh thc chng minh rng mt

mng li khng c gim st c thxy dng i din ca cc u vo c thc

sdng cho vic ra quyt nh

2.5Nguyn tc hun luynMng n-ron c ba cch hun luyn chnh l batch training, stochastic

training v online training trong

Online training th cc trng sc cp nht ngay lp tc khi mt u vo

c a vo mng Cc u vo sc a vo ln lt theo tht.

Tochastic training th tng tnh online training song vic la chn cc

u vo a vo mng c thc hin ngu nhin.

Batch training th cc trng schc thay i khi tt ccc u vo c

a vo, tc l cc trng sc thay i ng thi vi nhau.

2.6Tnh tng qut ha vi mng n-roni vi mng n-ron hun luyn khng c gim st th mang theo tnh tt

chc hon ton do khng phi i mt vi vn tnh tng qut ha song vi

mng n-ron hun luyn c gim st th tnh tng qut ha l mt vn rt quan

trng. bi khi c hun luyn th da trn nhng mu c sn mng n-ron c thhot ng rt tt song khi thc tgp cc dliu mi th cc sai sto ra li rt ln


14/26

14

Hun luyn theo hm sin

V dln hun luyn mng ln theo hm sin trn l thuyt ( nt t ) v thc

t( nt lin ) vtnh tng qut ha

ci thin vn tnh tng qut ha th vic la chn sn-ron cho mngl quan trng nht, s n-ron va s khin cho mng khng qu kht vi l

thuyt nhng vn m bo tnh ng n cho mng.


15/26

15

CHNG 3THUT TON BACKPROPAGATIONBackpropagation thc hin da trn quy lut hc WidrowHoff tng qut

ha cho cc mng a lp v cc hm phi tuyn. Mng c nhng ngng, lp tn

hiu v lp tuyn tnh ng ra c thm phng bt khm no vi smu ri rchu hn

Thut ton Backpropagation chun l Gradient descent, chnh l quy lut

hc Widrow-Hoff. Khi nim Backpropagation m tcc tnh gradient trong mng

a lp phi tuyn. thut ton c bn c mt sthay i da trn cc kthut ti u

ha chun nh phng php Newton hay Conjugate gradient.

Mng s dng thut ton Backpropagation c hun luyn chnh xc s

p ng hp l khi a vo cc tn hiu m mng cha tng c hun luyn.

Thng thng tn hiu mi vo c ng ra tng tvi ng ra chnh xc ca tn

hiu vo c hun luyn ging vi ng vo mi ny. Do tnh cht tng qut

ha th hun luyn mng da trn cc cp tn hiu vo ra i din vn cho cc kt

qutt vi cc tn hiu cha c hun luyn.

3.1Tng qut3.1.1Cu trc

M hnh n-ron trong thut ton Backpropagation

C ba m hnh n-ron n c bn l tansig, logsig, v purelin

Nh ni th n-ron c bn c N ng vo v mi ng vo c trng s

tng ng l W, khi tng ca cc ng vo c trng s( Wi khc 0) v ngng

b s to ra hm truyn f N-ron c thsdng nhiu loi hm truyn khc

nhau to ra tn hiu ng ra.


16/26

16

Cc mng a lp thng sdng hm truyn l log_sigmoid

Hm truyn logsig to gi trng ra gia 0 v 1 khi ng vo c cc bin

thin tm v cng ti dng v cng Hn na mng a lp cng c thsdng

hn chuyn tansig

Nu lp cui cng ca mng a lp c cc n-ron sdng sigmoid th ng

ra sc gii hn trnog mt vng nh, nu sdng cc n-ron tuyn tnh th ng

ra ca mng sc thl bt kgi trno.

Hm truyn tan-sigmoid


17/26

17

Hm truyn tuyn tnh

Mng feedforward

Mt lp n-ron logsig thng c hai dng ng vo nh sau


18/26

18

Mng ny thng c mt hay nhiu lp n gm cc n-ron sigmoid, lp ng

ra thng gm cc n-ron tuyn tnh Cc n-ron trong cc lp n c hm truyn

phi tuyn cho php mng hc cc mi quan htuyn tnh v phi tuyn gia vec t

ng vo v ng ra. Lp ng ra tuyn tnh cho php mng to ra cc cc gi trti

ng ra vo khong ( -1; 1).

Mt khc nu mun p ng ra ca mng a ra mt khong gi trthch hp

th thng dng hm truyn sigmoid ( v dlogsig).

3.1.2Hun luyn mng trong thut ton BackpropagationKhi trng sv cc ngng c xc nh th mng sn sng c

hun luyn. Cch thc hun luyn yu cu mt tp cc mu ch cch thc hot

ng ca mng gm cp ng vo v cc ng ra, hm hiu sut mc nh ca mng

feedforward l mt hm trung bnh ca bnh phng c sai s.

Thut ton Backpropagation c nhiu phin bn khc nhau song cch thc

hin n gin nht l cp nht trng sv ngng trc tip cho hm hiu sut gim

tht nhanh. Mi vng lp khi hun luyn c thc vit nh sau

C hai cch thc hin cp nht trng s l cp nht ngay sau khi mi ng

vo a tn hiu vo mng v chcp nht trng sosos khi tt ccc ng vo a

tn hiu vo mng.

3.2Hun luyn nhanhTrong thc tkhi hun luyn th tc tng gim trng scng l mt vn

cn c xem xt a ra cc kt quti u, c cc gii thut chnh tng

tc hun luyn ca mng theo thut ton Backpropagation l

- Gii thut phc hi thut ton Backpropagation vi hm hun luyn trainrp


19/26


20/26

20

Trn y l hai trong snhng gii thut thay i tc hc ca mng n-

ron thng c p dng. Tip theo sgii quyt tnh tng qut ha ca mng n-

ron bi v thng thng th rt kh c thc lng chnh sc ln ca mng.

Cc nh nghin cu a ra hai phng php ci thin l

Phng php chnh quy

Phng php ny da trn hm hiu sut c thay i, hm mi da trn

tng bnh phng sai sca mng vi ngng v trng snhhn. Nu mun cc

thng stng qut ha ti u c tng ci t th nen da vo khung lm vic

Bayesian. Trong khung lm vic ny trng sv ngng ca mng githit c

to ngu nhin vi phn b c th. Cc thng s ca tng qut ha nm trong

phng sai ng vi hm phn bny v c thc c lng thng qua kthutthng k chun. Hnh di cho thy mt mng c tnh tng qut ha tt.

Phng phpdng chm

Thng thng kthut p dng dng phng php chnh quy l kthut

dng chm. Khi mi bt u hun luyn th sai sca mng sgim dn. Sau khi


21/26

21

mng bt u qu kht dliu th sai sstng ln Mng sdng hun luyn khi

sai s tng ln qu mt svng lp Nh vy mng skhng qu kht. K thut

dng chm c thdng trong bt cmt gii thut hun luyn no.


22/26

22

CHNG 4HTHNG PHT HIN XM NHP DA TRN MNGN-RON

4.1Hthng pht hin xm nhp (IDS)IDS l cc cng cphn mm hoc thit b, c thit kcho vic phn tch

cc dng dliu hoc cc bin c, nhm xc nh cc hnh ng tri php v cc

vi phm chnh sch an ninh tchc trn hthng mng my tnh. IDS khng ging

vi Firewall hay VPN l nhng thnh phn ngn nga cc cuc tn cng m n

ging vi thnh phn cung cp sbo vbng cch cho bit thng tin vcc cuc

tn cng. Tuy nhin thi thong IDS vn cung cp nhng cnh bo nhm.

Hin nay cc IDS ang pht trin v hon thin theo hng a dng ha khi

m mt s c thphn no ngn chn cc cuc tn cng khi n xy ra. Gi tr

chnh ca mt hthng pht hin xm nhp l cho ngi dng bit iu g sxy

ra, cung cp cc gii php cho mng v cc nt trong mng gim thiu ri ro m

ngi dng c th kim sot c. IDS thng da vo hai cng ngh chnh l

network IDS v host IDS

4.1.1Network IDSNetword IDS cng c thc cp n nh mt sniffer hot ng da

trn sdch chuyn mng. Netword IDS theo di cc sdch chuyn gi tin ca

ton mng. Networdk IDS thun li cho stng hp ca ton bmng, sc mnh

ca netword IDS c thhin khi gp cc tn cng lin quan ti ton h thng

hoc nhiu im trn mng song im yu ca network IDS chnh l trong mi

trng mng chuyn mch tc cao, mi trng m ha v mi trng xut hin

cc giao thc hin i, phc tp th xc xut xut hin bo ng sai cng tng ln

Network IDS thng sdng hai cng nghchnh l pht hin da trn ccdu hiu v pht hin da trn sbt thng hoc l pha ln chai trong mt h

thng


23/26

23

Pht hin da trn du hiu

Cc network IDS hot ng ging nh cc phn mm qut virus v pht

hin cc cuc tn cng da trn c sdliu vdu hiu ca cc cuc tn cng.

Khi cc cuc tn cng mi hoc cc phng thc mi th network IDS scp nhtchng vo c sdliu ca mnh . v din hnh nht nh Snort

Pht hin da trn sbt thng

Pht hin da trn s bt thng lin quan n vieetjcj thit lp mt nn

mng c bn ca nhng hot ng bnh thng ca h thng hay cc hnh vi

thng dng ca ngi s dng. Khi h thng xut hin cc hnh vi khc vi

thng thng th IDS stin hnh cnh bo. Vic pht hin da trn sbt thng

c khnng pht hin ra cc phng thc tn cng mi song li kh p dng bi

cc hthng nu t kch cnht nh th srt kh cho vic xc nh cc hnh vi

thng thng l nh thno.

4.1.2Host IDSHost IDS c thphn chia lng lo thnh cc thnh phn nh kim sot log,

kim tra tch hp v cc module nhn ca hthng trong

Gim st log

Gim st log l mt thit bIDS n gin nht, khi m thit bscgng

pht hin nhng sxm nhp bng cch phn tch cc log skin ca hthng. V

dnhSwatch. Thng thng cc phn mm gim st log thng qut theo nh

k.

Gim st tnh ton vn

Gim st tnh ton vn snhn vo cu trc chyu ca hthng tm sthay i trong T s thay i tnh ton vn s thm mt lp bo v cho h

thng pht hin xm nhp. V d v gim st tnh ton vn ph bin nhp l

Tripwire. Mu cht ca gim st tnh ton vn l xc nh ranh gii an ton c

thit lp trc khi hthng c kt ni mng.


24/26

24

4.2Hthng pht hin xm nhp da trn mng n- ron ( NNID)T nm 1998, ba nh khoa hc Jake Ryan, Meng-Jang Lin, Risto

Miikkulainen xut gii php xy dng hthng pht hin xm nhp da trn

mng n- ron (Neural Network Intrusion Detector - NNID). NNID s dng giithut hc lan truyn ngc (backpropagation), hot ng trn mi trng UNIX v

l IDS khng trc tuyn. Ti cui mi ngy lm vic, ngi qun trhthng s

chy NNID kim tra phin ng nhp ca ngi dng c ph hp vi mu hot

ng thng thng ca hhay khng. Nu hot ng ca ngi dng khng ph

hp vi mu hot ng thng thng th sa ra cnh bo vmt sxm nhp

ti hthng Nh vy hthng pht hin xm nhp xy dng da trn mng n-

ron c ba nh nghin cu trn xy dng cng c thcoi l mt host IDS hot

ng trn c chxem xt log C bn hot ng ca hthng ny l xem xt log

ca hthng mt cch nh ktm ra cc im bt thng/

NNID c trin khai theo 3 giai on:

+ Thu thp dliu hun luyn (training data): thng k nht k ng nhp ca mi

ngi dng trong nhiu ngy trc Lp vector thhin tn sut sdng cc

lnh ca mi ngi dng trong tng ngy.

+ Hun luyn (training): Hun luyn NNID nhn dng ngi dng da trn ccvector phn bcu lnh.

+ Thc hin (performance): Xc nh ngi dng da trn mi vector phn blnh

mi. Nu hthng xc nh n khng thuc cc ngi dng thng, hoc khng

c xc nh r rng th sa ra cnh bo vmt sbt thng.

Hthng NNID c nhm nghin cu Khoa in tv Kthut my tnh

trng i hc Texas ca Austin thnghim trn my tnh chy hiu hnh

NetBSD Theo , my tnh thnghim c 10 ngi sdng, trong c mt sngi sdng u n (regular users), mt skhc ng nhp khng thng

xuyn (intermittently). Sau 12 ngy thu thp thu c kt quca 89 vector

ngi dng. Cc lnh phbin nht trong bn ghi nht k c dng cho hthng

nh: as, cut, awk, bibtex, cpp, date, elm....

Tn sut sdng mi lnh c chia thnh 11 khong khc nhau, khong c trng


25/26

25

snhl khong c tn sut sdng lnh thp. Khong u tin l lnh khng bao

gic sdng, khong thhai l cu lnh c sdng mt hoc hai ln v

cnh vy cho n khong cui cng, ni m lnh c sdng hn 500 ln. Cc

khong c i din bi cc gi trt0,0 n 1,0 v mi khong hn km nhau

gi tr0,1. Vi mt ngi dng cth, mi cu lnh sc mt gi trthuc khong

trn, 100 cu lnh sto thnh mt vector phn phi lnh 100 chiu (100-

dimensional command distribution vector) v c sdng lm u vo cho h

thng NNID.

NNID c hun luyn vi dliu c chn trong 8 ngy bt k(65 user

vectors) v qu trnh kim th c tin hnh trong 4 ngy cn li (24 user

vectors). Nhm nghin cu thc hin 4 ln nh vy v c4 qu trnh kim tra

c thc hin theo hai ni dung sau:

- Xc nh ngi dng ca 4 ngy cn li. Nu c c mt n- ron u ra c gi

trcao hn tt ccc n- ron u ra khc v ln hn 0,5 th xc nh c chnh

xc ngi dng tng ng vi n- ron Ngc li, hthng sa ra khng

nh nhm l bt thng, li ny c gi l false positive.

- Xc nh ngi dng t100 vectors ngi dng c to bi cc gi trngu

nhin. Nu tt cn- ron u ra c gi trnhhn 0,5 th hthng xc nh

chnh xc l mt ngi dng bt thng (khng l bt kngi no trong 10ngi dng bit trong hthng) Ngc li, gi tru ra cao nht sc xc

nh cho ngi dng tng ng Nh vy, cc xm nhp bt hp php thc hin

nh 1 trong 10 ngi dng thng skhng c pht hin, lc ny hthng a

ra li false negative.

Kt quca 4 qu trnh kim tra l kh ging nhau. Trung bnh, hthng tchi

63% vector ngi dng c to ngu nhin, dn n tlpht hin bt thng l

96%. Pht hin chnh xc 93% vector ngi dng hp php, a ra cnh bo sai

7% vngi dng hp php.

Mt nghin cu khc ca trng i hc Georgia vNNID khi sdng 9

n-ron u vo, 4 lp n-ron n v 2 n-ron u ra ( kt qul bo ng v bnh

thng ) khi p dng vo thnghim cho kt qunh sau


26/26

26

Khi m phng tn cng cthnh qut ISS, qut SATAN, SYNFloodth h

u cho bo ng ngKhi hthng c mrng xem xt mt mng phn

tn th vn cho cc kt qutt, thm ch cc cgng kt ni FTP khng thnh cng

cng c bo ng nh mt cuc tn cng.

4.3nh gi vNNIDTrin khai NNID cho hthng c nhiu ngi dng th tlpht hin bt

thng vn khng thay i. Hthng vn c thhc tt cc mu hs ca ngi

dng v bt cmt hnh ng no khc vi hnh ng thng thng ca ngi

dng th u bcoi l bt thng.

i vi cc xm nhp mi, do NNID lun cp nht hs v phn tch hot ng

hng ngy ca mi ngi dng v NNID cng c hun luyn li theo nh knn cc xm nhp mi sddng c pht hin. Cc hthng hin nay chcn

90 giy thc hin iu ny.

NNID ddng hun luyn v khng tn km bi n hot ng khng trc tuyn v

da trn dliu nht k ng nhp hng ngy. Vi cc hthng pht hin xm

nhp khng yu cu thi gian thc th NNID l mt gii php kh ti u

Hin nay vic ng dng mng n-ron vo h thng pht hin xm nhp c

nhng sn phm thc tnh ca Sans, Iaeng

KT LUN

TI LIU THAM KHO

Documents

TTTN_ mạng nơ-ron