中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/68752
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 74010/74010 (100%)
造访人次 : 24679569      在线人数 : 256
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/68752


    题名: TRAP: A TCP Three-Way Handshake Server for TCP Connection Establishment
    作者: 蔡維泰;Cai,Wei-tai
    贡献者: 資訊工程學系
    关键词: 通訊控制協定;阻斷服務攻擊;三方交握;Linux;Netfilter;TCP options;TCP;DoS;Three-way Handshake;Linux;Netfilter;TCP options
    日期: 2015-07-22
    上传时间: 2015-09-23 14:24:32 (UTC+8)
    出版者: 國立中央大學
    摘要: 因為發起的門檻十分低,分散式阻斷服務攻擊(DDoS)在這幾年變得來越常見。於 2013 年,垃圾郵件防禦組織SpamHaus就遭受了來自全球各地高峰達到75Gbps的DDoS流量攻擊,而知名程式碼託管網站GitHub也於2015年3月遭受了經過中間人之DDoS放大攻擊。然而,即使TCP/IP的規格已經被公佈數十年之久,至今對於分散式阻斷服務攻擊依然沒有良好的防禦方式。

    本篇論文嘗試透過 TCP設計時保留之option欄位,因一般進行SYN-flood之惡意客戶端不會嘗試完成TCP三方交握之程序,如果有一經過認證、合法的客戶端嘗試連線至正遭受SYN-flood分散式阻斷服務攻擊之伺服器,在完成三方交握之後,伺服器端會回傳一特定封包,其TCP封包檔頭之option欄位會包含有新伺服器的IP位置與祕密字串,合法客戶端連線至新伺服器時,新伺服器會檢查是否有包含此祕密字串,若是檢查通過才放行此SYN封包,允許建立連線。;Distributed denial of service (DDoS) attacks has become more and more frequent nowadays. In 2013, a massive DDoS attack was launched against Spamhaus, a non-profit anti-spam mail organization. Up to 75Gbps of DNS reflection traffic were directed to Spamhaus′ servers, causing the service to shut down.

    Although DDoS has been long around ever since the internet has become popular, no good solutions has been offered yet.

    In this paper, we present a solution based on TCP redirection using TCP header options. When a legitimate client attempted to connect to a server undergoing an SYN-flood DDoS attack, it will try to initiate a TCP three-way handshake, after it has successfully established a connection, the server will reply with a RST packet, which a new server address and a secret is embedded in the TCP header options. The client can thus connect to the new server that only accepts SYN packets with the corrected secret using the supplied secret.
    显示于类别:[資訊工程研究所] 博碩士論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    index.html0KbHTML243检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明