中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/13030
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41652286      Online Users : 1688
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/13030


    Title: 合作式防火牆之設計與應用;The Design and Applications of Cooperative Firewalls
    Authors: 游啟勝;Chi-Sheng Yu
    Contributors: 資訊管理研究所
    Keywords: 分散式防火牆;縱深防禦;合作防禦;網路安全;XML;入侵預防;Network Security;Distributed Firewall;Intrusion Prevention;Defense in Depth;Cooperative Defense;XML
    Date: 2003-06-20
    Issue Date: 2009-09-22 15:22:00 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 隨著網路應用的普及與多元化,網路的安全問題逐漸被人們所重視。目前防火牆已經成為大多數企業的第一道網路安全防線,同時也是最重要的攻擊回應機制,且未來幾年內,防火牆仍然會是相當重要的網路安全防禦機制。但現有的防火牆因為部署位置及運作架構的限制,遭遇愈來愈多的問題,也漸漸無法防禦日新月異的攻擊手法。 本研究首先整理及分析防火牆的演進及目前的問題,進而以分散式防火牆為基礎,加上縱深防禦及合作防禦的概念,提出一套合作式防火牆系統,各合作式防火牆主機與其它防禦機制可進行合作防禦來達到入侵預防的目的。本研究將探討合作式防火牆的數種合作防禦方式及其中的困難點,並提出對應的解決方案,包括提出一種以 XML 為基礎的通用規則來解決合作防禦時的溝通及分散式防火牆的管理問題,及一種網蟲防禦方法以解決網蟲擴散時的內部網路癱瘓問題。 論文中也將說明合作式防火牆的系統架構、運作流程及模組設計,並以系統雛型展示解決網蟲的內部網路癱瘓問題及與入侵偵測系統進行合作防禦來抵禦攻擊,藉此說明合作式防火牆系統的效用及應用方式。 Because of the popularity and variety of network applications, network security is getting respected by people. Today, firewalls are the first line of defense of network security in most enterprises, and are also the most important mechanism of attack response. However, firewalls that are restricted by deployed positions and their architectures now suffer more and more challenges, and they also can’t defend more and more new attacks. In this thesis, we analyze the evolutions and problems of firewalls, and then develop a cooperative firewall system which is based on the distributed firewall and the concepts of defense in depth and cooperative defense. All firewalls in the cooperative firewall system can cooperate with other defense mechanisms to achieve intrusion prevention. We first present some possible schemes of cooperative defense with cooperative firewall system and discuss their difficulties. Then we propose solutions to solve these difficulties. The solutions include a new generic rule based on XML to solve the communication problems in cooperative defense and the management problem of distributed firewalls, and a detection and defense method of internet worm to solve the problem of network jam when worms spreading. We also propose the system architecture, operating procedures, and module design of our cooperative firewall system and build a prototype system that is able to solve the network jam of internet worm and make cooperative defense with intrusion detection system to explain the efficiency and applications of the cooperative firewall system.
    Appears in Collections:[Graduate Institute of Information Management] Electronic Thesis & Dissertation

    Files in This Item:

    File SizeFormat


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明