National Digital Library of Theses and Dissertations in Taiwan

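Graduate student: 莊明躍
Graduate student (English): Ming-Yueh Chuang
Thesis title: 分散式阻絕服務攻擊防治對策與其應用 (Distributed Denial-of-Service Attack Countermeasures and Their Applications)
Thesis title (English): Prevention of Distributed Denial of Service
Advisor: 黃仁竑
Advisor (English): Ren-Hung Hwang
Degree: Master's
Institution: National Chung Cheng University
Department: Graduate Institute of Communications Engineering
Field: Engineering
Discipline: Electrical Engineering and Computer Science
Thesis type: Academic thesis
Year of publication: 2004
Academic year of graduation: 92
Language: Chinese
Number of pages: 51
Keywords (Chinese): distributed denial-of-service attack; distributed denial-of-service attack countermeasures
Keywords (English): Distributed Denial of Service; DDoS; Prevention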
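Denial of Service (DoS) is a common attack technique used by intruders on the network to paralyze host servers. Such attacks often interrupt a server's services and cause very large losses. At present we can use firewalls and tools such as traffic shapers, bandwidth managers and intrusion detection systems to monitor and manage these attacks effectively. However, even if we can effectively curb a denial-of-service attack from a single source, we are often left helpless against a multi-source Distributed Denial of Service (DDoS) attack. How to propose an effective set of DDoS countermeasures within the existing Internet architecture has therefore become an important issue on the Internet today. In this thesis we use existing open source programs to propose a "timely" DDoS countermeasure. In this countermeasure we use the network detection capability of an intrusion detection system to achieve a "timely", rapid prevention response. In addition, we developed a "wargame system" that strengthens the countermeasure's matching database through online collection, in the hope of bringing the countermeasure closer to the goal of "preventing trouble before it happens"; we also designed a new "traffic statistics system" to improve the accuracy of prevention. Finally, the thesis discusses some interesting extended applications of the wargame system and the traffic statistics system.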

DoS is nowadays a common type of cracker intrusion used to paralyze servers on the network. This kind of technique usually forces the server to stop its services, which can cause considerable expense. Currently, we can use firewalls and tools such as traffic shapers, bandwidth managers and IDS to set up effective monitoring, which is good for administration. However, even if we can suppress a DoS attack, which is regarded as a single-ended attack, we cannot do anything about the multiple attacks of DDoS. Thus, how to provide a useful prevention of distributed denial of service under the existing network circumstances becomes a major issue in the network security field. In this thesis, we propose an in-time prevention using open source programs. In this policy, we take advantage of IDS detection to react in time. Besides, we develop a wargame system to collect the information required to enhance the database of this prevention mechanism. We also redesign a new netflow system to confirm the accuracy of prevention. Finally, we address some interesting applications of the wargame and netflow systems.

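Chapter 1 Introduction
1.1 Background
1.1.1 Overview of distributed denial-of-service attacks
1.1.2 Overview of intrusion detection systems
1.1.3 Overview of wargame systems
1.1.4 Overview of traffic logging systems
1.2 Thesis organization
Chapter 2 Related work
2.1 Distributed denial-of-service attacks
2.2 Detection and protection systems
2.3 Wargame systems
2.3.1 Origins
2.3.2 Classification
2.3.3 Characteristics
2.4 Traffic logging systems
2.4.1 Introduction to Netflow
2.4.2 Comparison with other systems
Chapter 3 System architecture
3.1 Countermeasure system architecture
3.2 Wargame system architecture
3.3 Traffic logging system architecture
Chapter 4 Application implementation
4.1 Countermeasure system implementation
4.1.1 MySQL host and prevention program
4.1.2 Wargame host and prevention program
4.1.3 Netflow host and prevention program
4.1.4 Writing Snort rules
4.2 Wargame system implementation
4.2.1 Auxiliary Web Site
4.2.2 Shell Account Site
4.3 Traffic logging system implementation
Chapter 5 Conclusion
References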

