1. Miles Tracy, W. Jansen, and M. McLarnon, “Guidelines on Securing Public Web Servers,” Recommendations of the National Institute of Standards and Technology, September 2002.
2. “A generic threat analysis for an Internet enabled organization,” GIAC Security Essentials Certification Graduates Practical, SANS (SysAdmin, Audit, Network, Security) Institute, June 2003, <http://www.giac.org/practical/GSEC/Paul_Wright_GSEC.pdf>
3. Roelof Temmingh, Haroon Meer, Setiri: “Advances in Trojan Technology,” Black Hat Asia 2002, Marina Mandarin Hotel, Singapore, October 2002.
4. “Point-to-Point Tunneling Protocol,” RFC 2637.
5. Eric Rescorla, SSL and TLS: Designing and Building Secure Systems, Addison Wesley, October 2000.
6. “Introduction to SSL,” Netscape Communications Corp., 1998, <http://developer.netscape.com/docs/manuals/security/sslin/contents.htm>
7. Apache-SSL, <http://www.apache-ssl.org>
8. Peter Loshin, Big Book of IPSec RFCs: Internet Security Architecture, Morgan Kaufmann, November 1999.
9. N. Doraswamy and D. Harkins, IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, Prentice Hall, August 1999.
10. C. Blaafjell, M.P. Lan, J. O’Dwyer, H.J. Daniel Yang, “A Comparative Analysis of IPSec and SSL”
11. Dave Dittrich, “Distributed Denial of Service (DDoS) attacks/tools resource page,” <http://staff.washington.edu/dittrich/misc/ddos>
12. Ross Anderson, Security Engineering - A Guide to Building Dependable Distributed Systems, John Wiley & Sons, March 2001.
13. A. Main, P.C. van Oorschot, “Software Protection and Application Security: Understanding the Battleground,” International Course on State of the Art and Evolution of Computer Security and Industrial Cryptography, Heverlee, Belgium, June 2003.
14. Carlton Davis, IPSec: Securing VPNs, McGraw-Hill, April 2001.
15. Daniel Clark, “Vulnerability’s of IPSec: A Discussion of Possible Weaknesses in IPSec Implementation and Protocols,” SANS InfoSec Reading Room, March 2002. <http://www.sans.org/rr/papers/20/760.pdf>
16. Andrew Nash, Bill Duane, Derek Brink, and Celia Joseph, PKI: Implementing & Managing E-Security, Osborne McGraw-Hill, Mar. 2001.
17. Lincoln D. Stein & John N. Stewart, “The World Wide Web Security FAQ,” W3C, February 2002.
18. D. Scott and R. Sharp, “Abstracting Application-Level Web Security,” WWW2002, Honolulu, Hawaii, USA, May 2002.
19. Steven M. Bellovin, “Distributed Firewalls,” ;login:, November 1999, pp. 39-47, <http://www.research.att.com/~smb/papers/distfw.html>
20. Daniel Wan, “Distributed Firewall,” GIAC GSEC Practical paper, SANS, May 2001, <http://www.giac.org/practical/gsec/Daniel_Wan_GSEC.pdf>
21. Sotiris Ioannidis, Angelos D. Keromytis, Steven M. Bellovin, and Jonathan M. Smith, “Implementing a Distributed Firewall,” ACM Conference on Computer and Communications Security, Athens, Greece, November 2000.
22. Rolf Oppliger, Internet and Intranet Security, Second Edition, Artech House, October 2001.
23. William Stallings, Network Security Essentials: Applications and Standards, Prentice Hall, April 2000.
24. Ulrich Ultes-Nitsche and InSeon Yoo, “An Integrated Network Security Approach-Pairing Detecting Malicious Patterns with Anomaly Detection”
25. “Security Architecture for the Internet Protocol,” RFC 2401.
26. Kerberos: The Network Authentication Protocol, MIT, <http://web.mit.edu/kerberos/www>.
27. “Hypertext Transfer Protocol -- HTTP/1.1,” RFC 2616.
28. OpenSSL Project, <http://www.openssl.org>.
29. John Chirillo, Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit, John Wiley & Sons, April 2001.
30. The Nessus Project, <http://www.nessus.org>
31. WinPcap: the Free Packet Capture Architecture for Windows, <http://winpcap.polito.it>.
32. A. Ornaghi and M. Valleri, Ettercap - Multipurpose Sniffer/Interceptor/Logger, June 2002, <http://ettercap.sourceforge.net>.
33. Robert Wagner, “Address Resolution Protocol Spoofing and Man-in-the-Middle Attacks,” SANS InfoSec Reading Room, September 2001. <http://www.sans.org/rr/papers/60/474.pdf>
34. SMAC - MAC Address Modifying Utility, <http://www.klcconsulting.net/smac>
35. Raúl Siles, “Real World ARP Spoofing,” GIAC Certified Incident Handler (GCIH) Practical, SANS Institute, August 2003. <http://www.giac.org/practical/GCIH/Raul_Siles_GCIH.pdf>
36. Bhavin Bharat and Bhansali, “Man-In-the-Middle Attack - A Brief,” GIAC GSEC Practical, SANS Institute, February 2001. <http://www.giac.org/practical/gsec/Bhavin_Bhansali_GSEC.pdf>
37. Pavel Krauz, HUNT Project, ver. 1.5, May 2000, <http://lin.fsid.cvut.cz/~kra/#HUNT>
38. D. X. Song and A. Perrig, “Advanced and Authenticated Marking Schemes for IP Traceback,” Proceedings IEEE Infocomm 2001.
39. F. Lau, S.H. Rubin, M.H. Smith, and L. Trajovic, “Distributed Denial of Service Attacks,” IEEE International Conference on Systems, Man, and Cybernetics, pp. 2275-2280, October 2000.
40. Vern Paxson, “An Analysis of Using Reflectors for Distributed Denial-of-Service Attacks,” ACM Computer Communications Review, vol. 31, July 2001.
41. Jason Barlow and Woody Thrower, “TFN2K – an analysis,” February 2000, <http://security.royans.net/info/posts/bugtraq_ddos2.shtml>.
42. Sven Dietrich, Neil Long, and David Dittrich, “Analyzing Distributed Denial of Service Attack Tools: The Shaft Case,” Proceedings of the 14th Systems Administration Conference (LISA 2000), Dec. 2000.
43. The Insider – win32 reverse backdoor, <http://www15.brinkster.com/nick102799/insider/>.
44. John Wack, Ken Cutler, Jamie Pole, “Guidelines on Firewalls and Firewall Policy,” NIST Special Publication 800-41, January 2002.
45. William R. Cheswick, Steven M. Bellovin, Aviel Rubin, Firewalls and Internet Security (2nd Edition), Addison-Wesley Professional, February 2003.
46. I. Goldberg, D. Wagner, R. Thomas, and E.A. Brewer, “A Secure Environment for Untrusted Helper Applications,” Proceedings of the Sixth USENIX UNIX Security Symposium, San Jose, California, July 1996.
47. Lori L. DeLooze, “Applying Security to an Enterprise using the Zachman Framework,” SANS InfoSec Reading Room, 2001. <http://www.sans.org/rr/papers/49/367.pdf>
48. A. Lioy, F. Maino, M. Mezzalama, “Secure Document Management and Distribution in an Open Network Environment,” Proc. 1st International Information and Communications Security Conference, pp. 109-117, 1997.
49. Madalina Baltatu, Antonio Lioy, Fabio Maino, and Daniele Mazzocchi, “Security Issues in Control, Management and Routing Protocols,” TERENA Networking Conference, May 2000.
50. Richard Duncan, “An Overview of Different Authentication Methods and Protocols,” SANS InfoSec Reading Room, October 2001. <http://www.sans.org/rr/papers/6/118.pdf>
51. Doung Graham, “It’s All About Authentication,” SANS InfoSec Reading Room, March 2003, <http://www.sans.org/rr/papers/6/1070.pdf>.
52. “HTTP Authentication: Basic and Digest Access Authentication,” RFC 2617.
53. “The MD5 Message-Digest Algorithm,” RFC 1321.
54. “US Secure Hash Algorithm 1 (SHA1),” RFC 3174.
55. H. Wang, D. Zhang, and K. G. Shin, “Detecting syn flooding attacks,” in Proceedings of IEEE INFOCOM 2002. <http://citeseer.ist.psu.edu/article/wang02detecting.html>
56. Jun Xu, Zbigniew Kalbarczyk, Sanjay Patel and Ravishankar K. Iyer, “Architecture Support for Defending Against Buffer Overflow Attacks,” Second Workshop on Evaluating and Architecting System dependabilitY (EASY), San Jose, California, U.S.A., October 2002, <http://www.crhc.uiuc.edu/EASY/>.
57. “Extensible Markup Language (XML) 1.0 (Second Edition),” W3C Recommendation, October 2000, <http://www.w3.org/TR/REC-xml>.
58. Microsoft Windows Driver Development Kits, <http://www.microsoft.com/whdc/ddk/winddk.mspx>.
59. Microsoft Windows 98 Resource Kit, <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/win98/reskit/win98rk.asp>.
60. Vadim V. Smirnov, “Firewall for Windows 9x/NT/2000,” <http://www.ntkernel.com/articles/firewalleng.shtml>.
61. Cetin Kaya Koc, “High-Speed RSA Implementation,” RSA Laboratory, November 1994.
62. PuTTY: A Free Win32 Telnet/SSH Client, <http://www.chiark.greenend.org.uk/~sgtatham/putty/>.
63. “Sygate Personal Firewall User Guide Version 5.5,” Sygate, 2003.
64. “Common Methodology for Information Technology Security Evaluation,” version 1.0, N.I.S.T., August 1999, <http://csrc.nist.gov/cc/CEM.html>.
65. “Common Criteria Security Evaluation,” version 2.1, N.I.S.T., August 1999.
66. John Chirillo, Hack Attacks Testing: How to Conduct Your Own Security Audit, November 2002.
67. “Traffic-Filter Firewall Protection Profile For Medium Robustness Environments,” version 1.4, U.S. Department of Defense, May 2000.
68. Mark Russinovich & Bryce Cogswell, DbgView: Windows NT/9x Debug monitor, Sysinternals, <http://www.sysinternals.com/sitemap.shtml>.
69. Nmap - Free Security Scanner For Network Exploration & Security Audits, Insecure.Org, <http://www.insecure.org/nmap/index.html>.
70. Test TCP (TTCP) Benchmarking Tool for Measuring TCP and UDP Performance, PCAUSA, November 2003, <http://www.pcausa.com/Utilities/pcattcp.htm>.