
Research on Security Mechanisms for Autonomous Address Resolution Protocols at the Data Link Layer

Published: 2017-12-31 06:25

Keywords of this article: Research on Security Mechanisms for Autonomous Address Resolution Protocols at the Data Link Layer. Source: Harbin Institute of Technology, doctoral dissertation, 2016. Thesis type: degree thesis.


More related articles: address resolution; neighbor discovery; game theory; WAY mechanism; reverse mechanism design; anonymous resolution


【Abstract】: Computer networks use a layered approach to simplify network design and implementation. To reduce coupling between adjacent layers, each layer of the network architecture uses, as far as possible, its own independent communication attributes, and this design requires an explicit correspondence between the communication attributes of adjacent layers. The Address Resolution Protocol deals specifically with the correspondence between data-link-layer physical addresses and network-layer IP addresses. In existing network architectures there are two main modes for handling the correspondence between communication attributes: centralized resolution, represented by DNS, and autonomous discovery, represented by the Address Resolution Protocol. Because the autonomous discovery mode has no authoritative server, and addresses are generated and used without registration or authentication, address resolution protocols are highly susceptible to spoofing attacks; security is therefore an unavoidable problem for address resolution. Facing the security threats of current address resolution protocols, this dissertation seeks results in four areas: protocol mechanisms, hiding of key information, the particular nature of address resolution, and secure protocol design.

First, the dissertation proves two important results concerning address resolution protocols: the undecidability of the correspondence relation, and the equivalence of address resolution and duplicate address detection. Previous research has mostly tried to improve the security of the resolution process by decision procedures that filter illegal packets, implemented either in the host's own system software or in third-party devices; the undecidability of the correspondence shows that any such decision-based approach is imperfect and that its misjudgement rate cannot be eliminated. The equivalence of address resolution and DAD shows that protocols such as NDP and SEND can be simplified in design, that some of their functions can be merged, and that the resolution process and DAD can borrow security methods from each other.

Further, to address the lack of theoretical support in protocol design, the dissertation studies the security of address resolution protocols from the perspective of game theory. It first proposes the "wallet problem" and, by analysing its game tree, points out the unreasonable aspects of the design of address resolution protocols. From a game-theoretic viewpoint, address resolution is a three-stage signaling game: the first stage is signal design, whose aim is to maximize the host's security; in the second stage the host emits a signal and the other participants decide whether to take part; in the third stage each participant's final payoff is determined by the rules of the game and the payoff functions. The analysis shows that if the protocol mechanism is designed reasonably, rational participants will abandon pointless attacks, because the payoff from attacking is smaller than the payoff from normal participation.

Second, the dissertation proposes a duplicate address detection process based on the WAY mechanism. In the traditional DAD process, the address being checked (the key information) is broadcast directly on the network in the initiation stage, which leaves the process open to targeted DoS attacks, with the result that the node cannot configure a new address. To overcome this weakness the dissertation proposes WAY. The WAY mechanism treats the target address of DAD as key information; through self-declaration and WAY-table checks, combined with reverse address confirmation that forces an attacking node to expose its real MAC address, spoofed packets are filtered, which raises the attacker's cost and prevents second and repeated spoofing.

Third, the dissertation proposes the reverse address resolution mechanism Re-AR. Mechanism design theory shows that the mechanism design of the traditional address resolution protocol is unreasonable: it does not achieve the goal of mechanism design, namely maximizing the designer's benefit or being as fair as possible, and it lets a malicious node obtain a greater payoff by simple spoofing. To address these problems the dissertation proposes address resolution and duplicate address detection processes based on a reverse mechanism. Following the revelation principle of mechanism design theory, the reverse address resolution process treats a host's network address and physical address as its private type; during resolution, a node that receives the address resolution broadcast unicasts its private type to the resolving host, and the resolving host grants the right to communicate to the correct resolved party according to a mechanism fixed in advance. Because the reverse address resolution broadcast does not disclose the target address, a spoofing node cannot mount an attack based on the target address, which effectively prevents spoofing. In the reverse duplicate address detection process Re-DAD, the detecting host does not give the target address directly but specifies the detection range by prefix information, lets responding nodes actively declare addresses that fall within it, and verifies these addresses to determine whether an address conflict exists, which significantly increases the difficulty of attack.

Fourth, the dissertation proposes the Searching for a Secret Man problem (SSM) and the anonymous address resolution protocol AS-AR. Many real-world problems resemble the wallet problem and have their own characteristics; the dissertation calls this class the searching-for-a-secret-man problem, of which address resolution is an instance. For the characteristics of this problem, the dissertation proposes a new security protocol, the searching-for-a-secret-man protocol. The problem it addresses is how to reduce the risk of searching for the secret man when the key information must be made public. Two models of the protocol are designed: one based on the random oracle model, and the other an integrated security protocol. On the basis of these two models, a new duplicate address detection process DAD-h and address resolution process AS-AR are designed. The new resolution process is called anonymous address resolution: it hides not only the target address of the resolution but also the resolving node's IP address and MAC address, achieving anonymous address resolution. Experiments and comparative analysis show that this anonymous address resolution process not only prevents spoofing attacks but also effectively prevents denial-of-service attacks.
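The reverse address resolution idea in the abstract (the broadcast discloses no target; each node unicasts its own (IP, MAC) "private type" to the resolver, which then binds according to a rule fixed in advance) can be contrasted with classic ARP in a small executable model. The following is an added illustration, not code from the dissertation: the message shapes, the sample hosts, the resolver's selection rule (bind only when exactly one claimant matches the undisclosed target) and the names `Host`, `classic_arp_resolve`, `reverse_arp_resolve` and `compare` are all assumptions made for this example.

```python
# Added toy model contrasting classic ARP with the Re-AR idea from the
# abstract.  Not the thesis's own code; all names and rules are assumptions.
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Host:
    ip: str
    mac: str


# Constructed sample LAN for the example.
HONEST = [Host("10.0.0.1", "aa:aa:aa:aa:aa:01"),
          Host("10.0.0.2", "aa:aa:aa:aa:aa:02")]
ROGUE = Host("10.0.0.99", "ee:ee:ee:ee:ee:99")


def classic_arp_resolve(target_ip: str, hosts: List[Host],
                        rogue: Optional[Host] = None) -> Optional[str]:
    """Classic ARP: 'who-has target_ip' is broadcast, so every node learns
    the target.  Honest hosts answer only for their own IP; a rogue node
    answers for whatever IP it saw in the request.  The resolver binds the
    first reply, the usual cache behaviour and the reason spoofing works."""
    replies: List[Tuple[str, str]] = []
    if rogue is not None:
        replies.append((target_ip, rogue.mac))  # answers the target it saw
    replies += [(h.ip, h.mac) for h in hosts if h.ip == target_ip]
    return replies[0][1] if replies else None


def reverse_arp_resolve(target_ip: str, hosts: List[Host],
                        rogue: Optional[Host] = None,
                        rogue_claim: Optional[str] = None) -> Optional[str]:
    """Re-AR model: the broadcast carries no target.  Each node unicasts its
    private type (ip, mac); a rogue that never saw the target can only claim
    an IP of its own choosing (rogue_claim).  Assumed selection rule: bind
    only when exactly one claimant matches the undisclosed target; zero or
    conflicting claims yield no binding instead of a poisoned one."""
    claims = [(h.ip, h.mac) for h in hosts]
    if rogue is not None:
        claims.append((rogue_claim or rogue.ip, rogue.mac))
    matching = [mac for ip, mac in claims if ip == target_ip]
    return matching[0] if len(matching) == 1 else None


def compare(target_ip: str) -> dict:
    """Outcome of both schemes for one target: clean LAN, rogue present, and
    (for Re-AR) a rogue that guesses wrong versus one that guesses right."""
    return {
        "classic_clean": classic_arp_resolve(target_ip, HONEST),
        "classic_rogue": classic_arp_resolve(target_ip, HONEST, ROGUE),
        "rear_clean": reverse_arp_resolve(target_ip, HONEST),
        "rear_rogue_wrong_guess":
            reverse_arp_resolve(target_ip, HONEST, ROGUE, "10.0.0.2"),
        "rear_rogue_right_guess":
            reverse_arp_resolve(target_ip, HONEST, ROGUE, target_ip),
    }


if __name__ == "__main__":
    for name, mac in compare("10.0.0.1").items():
        print(f"{name:24s} -> {mac}")
```

Running `compare("10.0.0.1")` shows the difference the abstract describes: in the classic exchange the rogue, having seen the target in the broadcast, gets its MAC bound; in the reverse exchange a rogue that does not know the target has to guess, a wrong guess leaves the honest binding intact, and a correct guess produces two claimants, which under the assumed rule is reported as a conflict rather than accepted as a binding.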

【Degree-granting institution】: Harbin Institute of Technology
【Degree level】: Doctorate
【Year of degree】: 2016
【Classification number】: TP393.08

