National Digital Library of Theses and Dissertations in Taiwan

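Author: 林智群
Author (English): Zhi-Qun Lin
Thesis title: 以實驗案例探討UDP之分散式反射阻斷服務攻擊
Thesis title (English): Case Study on UDP Distributed Reflective Denial-of-Service (DRDoS) Attack
Advisor: 許振銘
Advisor (English): Chen-Ming Hsu
Degree: Master's
Institution: 健行科技大學 (Chien Hsin University of Science and Technology)
Department: Master's Program, Department of Computer Science and Information Engineering
Discipline: Engineering
Field: Electrical and Computer Engineering
Thesis type: Academic thesis
Year of publication: 2020
Graduation academic year: 108
Language: Chinese
Number of pages: 68
Chinese keywords: denial-of-service attack; distributed reflection denial-of-service attack; botnet; system application vulnerability; spoofed source network address
English keywords: Decentralized denial-of-service; Distributed Reflection Denial-of-Service; botnets; service vulnerability; fake source network address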
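Abstract (from the Chinese): Distributed denial-of-service (DDoS) attacks are among the top three network security threats worldwide. A DDoS attack mainly uses a botnet or spoofed source network addresses to attack the victim. If an application's open service can be reflected onto the target so that the target can no longer operate normally, the attack is called a distributed reflection denial-of-service (DRDoS) attack. In this way, an attacker can send large numbers of service requests, packets and traffic to reflect even more traffic onto the target, exhausting the target network's resources and thereby achieving denial of service.
To understand how DRDoS operates, this thesis first explains how several services vulnerable to DRDoS are exploited, then builds a simulated environment with DRDoS services and determines the reflection amplification factor each service can produce and how it operates. Finally, it develops a detection program for the DRDoS weaknesses and, based on the detection results, proposes corresponding protection recommendations to reduce the harm caused by DRDoS.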
Abstract (English): Distributed denial-of-service (DDoS) attacks are one of the top three cybersecurity threats in the world. DDoS attacks use botnets or forged source network addresses to attack victims. If an application's open service can be reflected onto the target so that the target cannot operate normally, the attack is called a Distributed Reflection Denial-of-Service (DRDoS) attack. By sending a large number of service requests, packets, and traffic, an attacker can reflect a larger amount of traffic to the target and exhaust the resources of the target network, thereby achieving denial of service.
To understand how DRDoS operates, this thesis first illustrates how several services vulnerable to DRDoS are exploited, then builds a simulated environment with DRDoS services and determines the reflection amplification factor that each service can generate and how it operates. Finally, a detection program is developed for the DRDoS weaknesses. Based on the detection results, we propose corresponding protection recommendations to reduce the harm caused by DRDoS.
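Thesis Oral Examination Committee Approval Certificate
Abstract (Chinese)
Abstract
Acknowledgements
Table of Contents
List of Tables
List of Figures
Chapter 1 Introduction
1.1 Preface
1.2 Research Motivation
1.3 Research Contributions
1.4 Thesis Organization
Chapter 2 Research Background and Technical Review
2.1 DRDoS
2.2 UDP
2.3 DNS Service
2.4 NTP Service
2.5 SNMP Service
2.6 TFTP Service
Chapter 3 Environment Architecture and Configuration
3.1 Configuring a DNS Service with the Reflection Weakness
3.2 Configuring an NTP Service with the Reflection Weakness
3.3 Configuring an SNMP Service with the Reflection Weakness
3.4 Configuring a TFTP Service with the Reflection Weakness
Chapter 4 Amplification Factors and Detection Methods for Reflection-Vulnerable Services
4.1 DNS Reflection Amplification Factor Testing and Detection Method
4.2 NTP Reflection Amplification Factor Testing and Detection Method
4.3 SNMP Reflection Amplification Factor Testing and Detection Method
4.4 TFTP Reflection Amplification Factor Testing and Detection Method
Chapter 5 Discussion of Defense Mechanisms
5.1 DNS Defense Recommendations
5.1.1 Disabling Recursive Queries
5.1.2 Restricting the Addresses Allowed to Query
5.1.3 Blocking Specific Response Packets
5.1.4 Setting a Limit on the Number of Responses
5.2 NTP Defense Recommendations
5.2.1 Updating the Service Version
5.2.2 Disabling monlist
5.2.3 Blocking Specific Response Packets
5.3 SNMP Defense Recommendations
5.3.1 Changing the Default Community Name
5.3.2 Restricting the Network Addresses Allowed Access
5.4 TFTP Defense Recommendations
5.4.1 Number of Data Retransmissions
5.4.2 Filename Naming Strength
Chapter 6 Conclusion
6.1 Conclusion
6.2 Future Work
References
Appendix
Curriculum Vitae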
Electronic full text (Internet release date: 20250728)