Design and Simulation of TCP-SYN Flooding Attacks Based on OPNET
Published: 2018-12-15 19:04
[Abstract]: Today, most important work and critical services depend on the Internet and can hardly operate normally without it, so any interruption of network operation causes great inconvenience. The Internet was originally designed for openness and extensibility, with little consideration given to security, so malicious users can exploit its design flaws to disrupt most services. Among the many types of network attack, denial-of-service (DoS) attacks are currently the main security threat to Internet services and cause large-scale revenue losses. A distributed denial-of-service (DDoS) attack is a large-scale coordinated DoS attack, usually launched from a large number of compromised hosts. DDoS attacks pose a growing threat to businesses and Internet service providers around the world. TCP-SYN flooding (flooding with TCP segments that have the SYN flag set) is the most common form of DDoS attack; it affects hosts running TCP server processes (which establish TCP connections through the three-way handshake). Although it is a relatively primitive technique, many attacks seen today have evolved from it, so TCP-SYN flooding still has research value and significance. Starting from the DDoS attack architecture, this thesis analyzes attackers' motives and how they carry out attacks, covering botnets, direct and reflection attacks, and common DDoS attack tools. It then classifies DDoS attacks from a protocol perspective and briefly introduces the defensive measures currently in use. Next, it analyzes the principle of the TCP-SYN flooding attack and its common variants, and models and simulates the attack in the OPNET simulation environment. Finally, it analyzes the simulation results, studies the severity of the harm caused by TCP-SYN flooding, and verifies the correctness of the TCP-SYN flooding attack model that was built.
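[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 2381142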
Article link: http://sikaile.net/guanlilunwen/ydhl/2381142.html