English  |  正體中文  |  简体中文  |  Items with full text/Total items : 69937/69937 (100%)
Visitors : 23277245      Online Users : 502
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version

    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/72023

    Title: Spoofed SYN Packet Detector Using a Probe Packet
    Authors: 廖克軒;Liao,Ker-Hsuan
    Contributors: 資訊工程學系
    Keywords: TCP SYN泛洪攻擊;分散式阻斷服務攻擊;IP詐騙;TCP SYN flooding attack;DDoS attack;IP spoofing
    Date: 2016-07-15
    Issue Date: 2016-10-13 14:22:09 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 摘要


    現代的網路攻擊常伴隨著IP spoofing的使用,IP spoofing是一種偽造來源位址的手法。靠著這種手法,攻擊者可以掩飾自己的攻擊來源位址,使得資訊安全軟體或硬體無法追蹤攻擊路徑,因而無法做出正確的反應來保護使用者。

    在本篇論文中我們提出一套針對SYN封包的IP spoofing偵測法:Spoofed SYN Packet Detector (SPD)。由於根據TCP protocol,兩台主機要交換資料封包前必須先完成三向交握 (three way handshaking),而SPD又能夠對三向交握最開始傳送的SYN封包的來源IP位址進行真偽的確認,SPD就可以在傳遞非法資料封包之前先阻止整個連線的建立。

    實驗結果顯示,只要稍微增加一點工作負擔,在阻斷服務式攻擊如TCP SYN flooding attack之下,SPD能夠有效地防禦並維持網路服務的正常運作。

    Over the past several decades, the Internet usage is becoming more and more prevalent. But many network attacks are created following this trend. In 2015, the total amounts of user of Internet reach 3.3 billion. Hence once the attack like Distributed Denial of Service (DDoS) attack occurs, they will make tremendous financial losses and credential damage.

    Network attacks nowadays are followed by the IP spoofing technique. IP spoofing is a technique to masquerade source address of the attacker. It causes security software or hardware difficult to trace attack path and then the security device cannot make correct response.

    In this thesis, we propose a mechanism, called Spoofed SYN Packet Detector (SPD), to detect and defense IP spoofing for SYN packet. According to TCP protocol, before two machines want to exchange data packets, they must complete three way handshaking first. Besides, SPD can confirm the validity of the source IP address of the SYN packet in the beginning of the three-way handshaking. Therefore SPD can deny the following connection before the two machine start to exchange illegal data packets.

    Experimental results show that under the attack of DDoS attack like TCP SYN flooding attack, SPD can defense it effectively and make the network service operate normally as if there is no attack.
    Appears in Collections:[資訊工程研究所] 博碩士論文

    Files in This Item:

    File Description SizeFormat

    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明