發(fā)布時(shí)間：2018-04-12 12:03

  本文選題：狀態(tài)檢測 + 防火墻��； 參考：《電子科技大學(xué)》2014年碩士論文

【摘要】：隨著互聯(lián)網(wǎng)的發(fā)展,網(wǎng)絡(luò)安全問題已經(jīng)成為影響網(wǎng)絡(luò)健康發(fā)展的關(guān)鍵問題。其中防火墻技術(shù)就是有效的阻斷網(wǎng)絡(luò)供給、構(gòu)建網(wǎng)絡(luò)安全區(qū)域的關(guān)鍵技術(shù)。傳統(tǒng)的包過濾防火墻在處理用戶偽裝識(shí)別方面表現(xiàn)出嚴(yán)重的不足。為了有效的提供防火墻的防護(hù)效果,本文對基于狀態(tài)檢測的防火墻技術(shù)進(jìn)行了研究。并且對本文構(gòu)建的基于狀態(tài)檢測技術(shù)的防火墻進(jìn)行了詳細(xì)的分析和設(shè)計(jì)。在對狀態(tài)檢測防火墻的總體結(jié)構(gòu)進(jìn)行設(shè)計(jì)的基礎(chǔ)之上,詳細(xì)的討論了不同網(wǎng)絡(luò)協(xié)議下的狀態(tài)檢測機(jī)制的實(shí)現(xiàn)方法。并且對利用狀態(tài)檢測來實(shí)現(xiàn)NAT子系統(tǒng)方法進(jìn)行了分析和設(shè)計(jì)。最后在基于狀態(tài)檢測的防火墻技術(shù)分析與設(shè)計(jì)的基礎(chǔ)之上,本文對本文構(gòu)建的狀態(tài)檢測防火墻的功能和性能進(jìn)行了測試。詳細(xì)的探討了狀態(tài)檢測防火墻在處理TCP、UDP、ICMP協(xié)議方面的表現(xiàn)。通過本文的研究詳細(xì)的構(gòu)建出一種基于狀態(tài)檢測技術(shù)的防火墻系統(tǒng),切實(shí)的達(dá)到了對網(wǎng)絡(luò)流量的精準(zhǔn)控制和過濾。有效的避免了傳統(tǒng)包過濾防火墻以及代理技術(shù)防火墻存在的弊端和不足。希望通過本文的研究對于其他學(xué)者進(jìn)一步探討狀態(tài)防火墻技術(shù),強(qiáng)化網(wǎng)絡(luò)安全起到借鑒作用和參考價(jià)值。
[Abstract]:With the development of the Internet, network security has become a key issue affecting the healthy development of the network.Firewall technology is the key technology to effectively block the network supply and construct the network security area.The traditional packet filtering firewall has a serious deficiency in handling user camouflage identification.In order to provide the protective effect of firewall effectively, the firewall technology based on state detection is studied in this paper.And the firewall based on state detection technology is analyzed and designed in detail.Based on the design of the overall structure of the state detection firewall, the implementation of the state detection mechanism under different network protocols is discussed in detail.The method of using state detection to realize NAT subsystem is analyzed and designed.Finally, based on the analysis and design of the firewall based on state detection, this paper tests the function and performance of the firewall.The performance of state detection firewall in handling TCP / UDP / ICMP protocol is discussed in detail.Through the research of this paper, a firewall system based on state detection technology is built in detail, which can achieve the accurate control and filtering of network traffic.The traditional packet filter firewall and proxy firewall are avoided effectively.It is hoped that the research in this paper can be used as a reference for other scholars to further explore the state firewall technology and strengthen network security.
【學(xué)位授予單位】：電子科技大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前2條

1 江波濤,鄭善賢;基于ARM網(wǎng)絡(luò)處理器的高速硬件防火墻設(shè)計(jì)[J];電腦與信息技術(shù);2005年03期

2 激談;;完全自主知識(shí)產(chǎn)權(quán) 曙光龍芯防火墻[J];微電腦世界;2007年10期

，

本文編號：1739660