Open Access  Subscription Access

網際網路興起帶動網路世代迅速發展，使用者對於存取網路服務的需求日益增大。在另一個網路－全球行動通訊系統中，隨著接取技術進步，可讓使用者透過行動通訊網路存取網際網路上的資料和服務，進而促成兩個網路融合。在龐大的融合網路中，所有通訊將以全IP網路為基礎，因此3GPP組織制訂IP多媒體子系統，目標為融合全球行動通訊系統和網際網路，成為提供各式各樣服務的標準開放架構。IP多媒體子系統現階段仍欠缺有效的安全管理機制與策略，因而存在許多風險，包含駭客入侵、惡意使用、假造、偽裝、阻斷服務與SQL Injection等，營運端需要一個有效的入侵偵測機制，以確保用戶正常使用。本論文提出適用於IP多媒體子系統中以規則為基礎的入侵偵測機制，預期達到防止惡意行為出現，確保營運局端在攻擊行為出現時，能即時發現異常行為，保障核心網路正常維運。The rise of Internet not only drives the rapid development of network but also makes users' demand for Internet service higher. On the other hand, Global System for Mobile communication allows users access data and service through mobile network due to the advancement of access technology. It facilitates the convergence of Internet and mobile network. To merge the two networks, 3GPP standardized specifications for IP Multimedia Subsystems. It is an open standard architecture, bases on all-IP network and provides a variety of services. At present, there is no sufficient mechanism and strategy to assure the network security of IP Multimedia Subsystem. Thus there are many risks which include hacking, malicious usage, forgery, masquerade, denial of service and SQL Injection. Operators need an effective intrusion detection mechanism to guarantee whole the components operate correctly. In the paper, we purpose a rule-based intrusion detection mechanism for IP Multimedia Subsystem to prevent malicious behaviors, detect abnormal events real-time and ensure the entire core network can keep operating correctly.

IP多媒體子系統; 入侵偵測系統; 會談起始協定; 通用行動通訊系統; 全球行動通訊系統; IP Multimedia Subsystem IMS; Intrusion Detection System IDS; Session Initiation Protocol SIP; Universal Mobile Telecommunications System UMTS; Global System for Mobile communication GSM