本文選題：惡意WiFi定位 + 特征指紋��； 參考：《北京交通大學》2017年碩士論文

【摘要】：隨著WiFi技術(shù)的成熟和手機的普及,手機通過WiFi熱點接入Internet已經(jīng)成為移動數(shù)據(jù)訪問的主要方式之一。但是WiFi接入面臨各種安全問題,比如WiFi釣魚、位置信息或者服務(wù)提供商的隱私數(shù)據(jù)的泄露等,給移動應(yīng)用的發(fā)展帶來巨大的安全風險。在這種情形下,研究惡意WiFi檢測和防護技術(shù)是十分必要和迫切的。本文重在研究惡意WiFi檢測和防護技術(shù),結(jié)合國內(nèi)外已有的工作研究,分析了惡意WiFi帶來的釣魚AP、DNS欺騙攻擊、SSLStrip攻擊等安全問題,研究了適應(yīng)當前WiFi安全需求的惡意WiFi檢測和防護技術(shù),并在移動終端和服務(wù)器端上設(shè)計和實現(xiàn)了原型系統(tǒng)。本文的主要研究工作如下:首先,分析了惡意WiFi的安全威脅,總結(jié)了已有的檢測和防護技術(shù)方法和特點。其次,研究了惡意WiFi檢測和防護的關(guān)鍵技術(shù),包括WiFi熱點特征指紋提取技術(shù)、特征指紋相似度檢測技術(shù)、惡意WiFi熱點定位技術(shù)、中間人攻擊的檢測和防護技術(shù)。第三,設(shè)計了惡意WiFi檢測和防護系統(tǒng)。最后,在移動終端和服務(wù)器端上實現(xiàn)了檢測和防護原型系統(tǒng),并完成了測試工作。本文的主要成果是:第一,本文通過對設(shè)備幀字段信息的分析,提出了 WiFi設(shè)備特征指紋提取算法和指紋相似度檢測算法,并將兩個算法應(yīng)用于接入前WiFi環(huán)境的檢測和接入時WiFi的惡意性檢測。第二,本文提出了 WiFi熱點定位算法,利用移動終端對惡意WiFi熱點位置定位,提供了一種對惡意WiFi熱點的主動防護能力。第三,本文通過對惡意中間人攻擊的原理分析,首先采用MAC對比法和域名撥測法實現(xiàn)惡意性檢測,其次采用靜態(tài)綁定路由器IP和MAC的方法實現(xiàn)惡意性檢測,解決了接入后惡意WiFi的檢測的問題。本文研究成果可以解決惡意WiFi帶來的多種安全問題,利用惡意WiFi檢測技術(shù)和中間人攻擊檢測技術(shù),支持接入前和接入后的惡意性檢測;當檢測到惡意WiFi后,利用惡意WiFi定位技術(shù)來發(fā)現(xiàn)惡意WiFi的位置,實現(xiàn)對惡意WiFi熱點的主動防護。通過測試,結(jié)果證明本系統(tǒng)能夠滿足本文所提出的系統(tǒng)目標和需求。
[Abstract]:With the maturity of WiFi technology and the popularity of mobile phones, mobile phone access to the Internet through WiFi hotspots has become one of the main ways of mobile data access. However, WiFi access faces a variety of security problems, such as WiFi fishing, location information or privacy data disclosure from service providers, which brings huge security risks to the development of mobile applications. In this case, it is necessary and urgent to study malicious WiFi detection and protection technology. This paper focuses on the study of malicious WiFi detection and protection technology, combined with the existing work at home and abroad, analyzes the malicious WiFi brought by the phishing APN DNS spoofing attack and SSLStrip attacks and other security issues. The malicious WiFi detection and protection technology adapted to the current WiFi security requirements is studied, and a prototype system is designed and implemented on the mobile terminal and server. The main work of this paper is as follows: firstly, the security threats of malicious WiFi are analyzed, and the existing methods and characteristics of detection and protection are summarized. Secondly, the key technologies of malicious WiFi detection and protection are studied, including WiFi hot spot feature fingerprint extraction technology, feature fingerprint similarity detection technology, malicious WiFi hot spot location technology, man-in-the-middle attack detection and protection technology. Thirdly, the malicious WiFi detection and protection system is designed. Finally, the prototype system of detection and protection is implemented on the mobile terminal and server, and the testing work is completed. The main achievements of this paper are as follows: first, by analyzing the field information of the device frame, this paper proposes a WiFi device feature fingerprint extraction algorithm and fingerprint similarity detection algorithm. The two algorithms are applied to the detection of WiFi environment before access and malicious detection of WiFi during access. Secondly, this paper proposes a WiFi hot spot location algorithm, which uses mobile terminals to locate malicious WiFi hotspots, and provides an active protection against malicious WiFi hotspots. Thirdly, this paper analyzes the principle of malicious man-in-the-middle attack. Firstly, it uses MAC contrast method and domain name dialing method to realize malicious detection, and then uses static binding router IP and MAC method to realize malicious detection. Solve the problem of malicious WiFi detection after access. The research results of this paper can solve many kinds of security problems brought by malicious WiFi, using malicious WiFi detection technology and man-in-the-middle attack detection technology to support malicious detection before and after access, when malicious WiFi is detected, The malicious WiFi location technology is used to detect the malicious WiFi location and to protect the malicious WiFi hotspots. The test results show that the system can meet the system objectives and requirements proposed in this paper.
【學位授予單位】：北京交通大學
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：TN92

【相似文獻】

相關(guān)碩士學位論文 前3條

1 顧楊;基于無線設(shè)備特征指紋的無線釣魚接入點檢測技術(shù)研究[D];南京郵電大學;2014年

2 楊駿元;基于多特征指紋的輿情數(shù)據(jù)重復(fù)識別方法[D];南京大學;2016年

3 徐龍雨;惡意WiFi檢測與防護技術(shù)的研究與實現(xiàn)[D];北京交通大學;2017年

，

本文編號：2059221