Research on Network Attack Replay Technology
Published: 2019-03-16 18:22
[Abstract]: Network attacks have always been one of the main factors affecting network security. They occur constantly, especially against commercial and industrial organizations, national political and military departments, and high-value individuals, and the harm they cause cannot be ignored. Many network attacks are extremely valuable: alongside the threat they pose, their potential uses should also be recognized. If these attacks can be reused, they will be of great help to penetration testing and to national-level network confrontation. The main work of this thesis therefore concentrates on the reuse of network attacks, that is, on network attack replay technology.

The thesis first introduces the types of network attack, analyzes the characteristics of each type, and proposes replay ideas and methods for two of the main types: malicious code attacks and vulnerability attacks.

It then analyzes the inefficiency of existing tools in network replay analysis, identifies the key factors that affect attack replay efficiency, and on that basis designs and implements a fast network attack process analysis tool named ADef. ADef provides the basic functions of a host intrusion prevention system (HIPS), namely recording and monitoring of processes, files, the registry and the network, and it also implements, at the kernel level, system-wide automatic static and dynamic replacement of attack payloads.

Finally, the thesis selects a series of typical network attack samples. Replaying these samples verifies the correctness of the basic attack replay method and the practicality of the system-wide automatic attack payload replacement function. It also verifies the efficiency of the ADef system in the attack replay process and its reference value for theoretical research and engineering practice.
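[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 2441851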
Article link: http://sikaile.net/guanlilunwen/ydhl/2441851.html