【摘要】：伴隨著互聯網的迅猛擴張,電子商務、網絡企業(yè)在互聯網上得到了急速發(fā)展,同時也給網絡攻擊者提供了極大的犯罪空間。近年來,各種網絡攻擊事件頻繁發(fā)生,尤其是網絡釣魚和網絡嫁接攻擊。網絡釣魚主要通過發(fā)送聲稱來自銀行或其他知名機構的欺騙性垃圾郵件,意圖引誘收信人泄露敏感信息以實施攻擊。網址嫁接攻擊是在網絡釣魚攻擊的基礎上發(fā)展起來的一種新的更高級的攻擊方式。主要通過在用戶電腦上植入木馬、安裝惡意軟件或者破壞域名服務器的解析過程等手段,將用戶重定向到虛假的網頁,并伺機竊取用戶的重要信息。網址嫁接攻擊采用的技術手段不同于傳統(tǒng)的網絡釣魚攻擊,傳統(tǒng)的檢測與防范技術無法直接應用于網址嫁接攻擊。 目前,針對網址嫁接攻擊的研究還處于初步階段,深入研究網址嫁接攻擊采用的技術手段以及檢測與防范方法,具有十分重要的理論與現實意義。本文在研究網址嫁接攻擊原理基礎上,提出一種基于IP地址過濾與PSO-SVM混合算法的網址嫁接攻擊檢測模型,用于客戶端檢測網址嫁接攻擊,并進一步提出一種基于主機hosts文件保護的網址嫁接攻擊防范方法。仿真實驗表明,本文提出的檢測模型對網址嫁接攻擊的識別準確率可達到99%以上。具體工作包括： 1.研究了網址嫁接的攻擊原理和攻擊類別,并在分析域名服務工作過程和hosts文件脆弱性的基礎上,提出了基于主機hosts文件保護的網址嫁接攻擊防范方法。 2.通過分析網址嫁接攻擊對IP地址解析過程的影響以及虛假網頁與合法網頁特征的差異性,提出一種基于IP地址過濾與PSO-SVM混合算法的網址嫁接攻擊檢測模型。 3.從互聯網爬取合法網頁,并從PishTank庫中隨機抽取一定數量的虛假網頁,提取12個網頁敏感特征,對本文提出的檢測模型進行了大量的實驗,驗證了本模型用于網址嫁接攻擊檢測的有效性。 4.基于Netbeans軟件開發(fā)平臺,利用Java編程語言實現了C/S結構的網址嫁接攻擊檢測及防范系統(tǒng)。
[Abstract]:With the rapid expansion of the Internet, e-commerce, network enterprises in the Internet has been rapid development, but also to network attackers to provide a great space for crime. In recent years, a variety of network attacks occur frequently, especially phishing and grafted attacks. Phishing involves sending fraudulent spam purporting to come from banks or other well-known institutions in an attempt to entice recipients to reveal sensitive information to carry out attacks. Web site grafting attack is a new and more advanced attack method based on phishing attack. By inserting Trojan horse into user's computer, installing malware or destroying the parsing process of domain name server, the user is redirected to a false web page, and the important information of the user is stolen. Web site grafting attack is different from the traditional phishing attack, and the traditional detection and prevention technology can not be directly applied to the site grafting attack. At present, the research on web site grafting attack is still in its initial stage. It is of great theoretical and practical significance to study the technical means, detection and prevention methods of web site grafting attack. On the basis of studying the principle of web address grafting attack, this paper proposes a detection model of web address grafting attack based on IP address filtering and PSO-SVM hybrid algorithm, which can be used to detect web site grafting attack by client. Furthermore, this paper proposes a method of preventing the attack of web address grafting based on host hosts file protection. The simulation results show that the detection model proposed in this paper can identify the URL grafting attacks with a accuracy rate of more than 99%. Specific work includes: 1. On the basis of analyzing the working process of domain name service and the vulnerability of hosts file, this paper puts forward a method of preventing the attack based on the protection of host hosts file. 2. By analyzing the influence of address grafting attack on the process of IP address resolution and the differences between false web pages and legitimate web pages, a new detection model of URL grafting attack based on IP address filtering and PSO-SVM hybrid algorithm is proposed. 3. After crawling legal web pages from the Internet and randomly extracting a certain number of false web pages from the PishTank library, 12 sensitive features of web pages are extracted, and a large number of experiments are carried out on the detection model proposed in this paper. The validity of this model for detecting web site grafting attacks is verified. 4. Based on Netbeans software development platform, the detection and prevention system of Web site grafting attack based on C / S structure is realized by using Java programming language.
【學位授予單位】：華北電力大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08;TP18

【參考文獻】

相關期刊論文 前1條

1 鞠秋文;;PSO-SVM算法在網絡入侵檢測中的研究[J];計算機仿真;2011年04期

，

本文編號：2360406