驗證SYN 洪水攻擊防禦方式之平台

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：59

、訪客IP：3.22.130.29

姓名

陳建欣(Jian-Xin Chen) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

驗證SYN 洪水攻擊防禦方式之平台

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2027-6-30以後開放)

摘要(中)

近年來隨著科技的發展各式各樣的設備皆可上網對人們的生活帶來許多便利，但相對的也產生了一些資安上的隱憂，如電視、冰箱、監視器等可連網IoT設備可能會被駭客入侵進而被用於惡意的目的上，而其中又以分散式阻斷式服務攻擊（Distributed Denial of Service，DDoS）最為常見也最具攻擊之效果，由於DDoS的目的在於癱瘓某一正常運作之服務使得正常使用者無法存取到該服務，進而造成對方嚴重的損失。
　　DDoS的種類又分成許多種，其中又以SYN flood以及UDP flood最常為駭客所使用，本論文主要專注於TCP中的SYN flood，SYN flood之目的在於佔用伺服器之資源使得正常使用者無法與伺服器建立連線進而造成服務癱瘓，而本論文目的在於探討現行已發展出各種抵禦Syn flood之防禦方式，分析其各種防禦方式之成效與其優缺點。

摘要(英)

Nowadays, technology brings many conveniences to our life, but it also leads to some issues about information security. For example, some IoT devices like webcam, television or refrigerator can be used by some hacker. DDoS (Distributed Denial of Service) is the most important one, it can make normal user can’t access the service and make the service and client lost a lot.
There are lots of kinds of DDoS. SYN flood and UDP flood is the most common DDoS used by attackers, and this paper will focus on SYN flood attack. The main purpose of SYN flood is run out most of server’s resources and make normal user can’t use this service. The purpose of this paper is that discuss the SYN flood mitigations which have been released in public and analyze advantages and disadvantages of each method by the result.

關鍵字(中)

★ 分散式阻斷服務攻擊
★ 阻斷服務攻擊
★ 洪水攻擊

關鍵字(英)

★ DDoS
★ Distributed Denial of Service
★ SYN flood

論文目次

中文摘要 i
Abstract ii
圖目錄 v
表目錄 vi
第 1 章緒論與背景介紹 1
1-1 DDoS介紹 2
1-2 各式DDoS攻擊介紹 3
1-2-1 網路層 (Layer 3) 3
1-2-2 傳輸層 (Layer 4) 3
1-2-3 表達層 (Layer 6) 4
1-2-4 應用層 (Layer 7) 4
第 2 章現行SYN flood之防禦手法 6
2-1 SYN proxy介紹 7
2-2 RST authentication介紹 9
2-2-1 RST authentication mode 1 9
2-2-2 RST authentication mode 2 11
2-3 Drop first SYN 13
第 3 章系統架構介紹 15
3-1 防護機制實作介紹 16
第 4 章實驗結果與分析 19
4-1 實驗環境 19
4-2 有效性驗證 22
4-3 效能測試 24
第 5 章結論 30
參考文獻 31

參考文獻

[1] “DDoS Attack Trends for Q4 2021” https://radar.cloudflare.com/notebooks/ddos-2021-q4
[2] “Exponential growth in DDoS attack volumes” https://cloud.google.com/blog/products/identity-security/identifying-and-protecting-against-the-largest-ddos-attacks
[3] Toke Høiland-Jørgensen, Jesper Dangaard Brouer, Daniel Borkmann, John Fastabend, Tom Herbert, David Ahern and David Miller. The eXpress data path: fast programmable packet processing in the operating system kernel. In ACM CoNEXT ’18, Heraklion, Greece, December 04 – 07, 2018.
[4] Patrik Goldschmidt. TCP Reset Cookies – a heuristic method for TCP SYN Flood mitigation. In Excel@Fit 2019.
[5] Dang Van Tuyen, Truong Thu Huong, Nguyen Huu Thanh, Pham Ngoc Nam, Nguyen Ngoc Thanh1 and Alan Marshall. SDN-based SYN Proxy - A solution
to enhance performance of attack mitigation under TCP SYN flood. In The Computer Journal Volume: 62 Issue: 4.

指導教授

許富皓(Fu-Hau Hsu)

審核日期

2022-7-19

推文