网络攻击与防御论文

网络攻击与防御论文

网络攻击与防御论文题目: 网络攻击和防御技术研究

摘要

网络在人类社会生活中的应用越来越广泛和重要，Internet已经把人们的学习、工作和生活紧密地联系在一起，但其中潜在的安全问题也越来越严峻，各种攻击手段层出不穷。其中拒绝服务攻击以其攻击范围广、隐蔽性强、简单有效、破坏性大和难以防御等特点成为最常见的网络攻击技术之一。尤其分布式拒绝服务攻击其破坏性更大，严重威胁着Internet的安全，受到这种攻击的损失是无法计量的。为其建立有效的防御机制是当前维护网络安全的重要目标之一。

本次毕业设计的主要工作是研究网络攻击与防御技术，并在此基础上重点研究分析拒绝服务攻击，并对其防御策略进行研究。主要研究成果如下：

（1）研究计算机网络攻击与防御的原理与技术。

（2）研究网络安全现状、发展趋势，常见网络攻击方法以及典型网络攻击技术。

（3）在上述研究基础上，主要研究拒绝服务攻击，详细分析研究了SYN Flood 攻击、Smurf攻击、Teardrop攻击等拒绝服务攻击的原理和防御策略。

（4）在对拒绝服务攻击分析研究的基础上，采用Java多线程技术实现对某个网站的SYN Flood拒绝服务攻击并分析了其防御方法。

关键词：拒绝服务攻击，防御策略，SYN Flood，Smurf，Teardrop

ABSTRACT

Network in human social life, more and more extensive and important, Internet has been the people's learning, working and living closely together, but potentially more serious security issues, all kinds of attacks one after another. Denial of service attack in which a wide range of its concealment and strong, simple and effective, destructive, and so large and difficult to defend the most common network attacks technologies. In particular, the distributed denial of service attacks more damaging, a serious threat to the security of Internet by the loss of such attacks can not be measured. Defense mechanism for the establishment of effective maintenance of network security is currently one of the important goals.

The main graduation work is to study the network attack and defense techniques,and focus on research and analysis on the basis of denial of service attacks, and to study their defense strategy.The main results are as follows:

(1)Study of computer network attack and defense of the principles and

techniques.

(2)Study of network security situation, development trends, common

network attack methods and techniques typical of network attacks.

(3)Based on these studies, the main research denial of service

attacks,detailed analysis of the SYN Flood attacks, Smurf attacks, Teardrop attacks the principle of denial of service attack and defense strategies.

(4) In the analysis of denial of service attacks based on the use of Java multi-threading technology on a Web site of the SYN Flood denial of service attacks and analysis of its defenses.

Keywords:Denial of service attacks, defense strategy, SYN Flood, Smurf, Teardrop

目录

第1章绪论 (1)

1.1网络安全的现状及发展趋势 (1)

1.1.1网络安全现状 (1)

1.1.2网络安全发展趋势 (2)

1.2网络安全的基本概念 (3)

1.3常用的网络安全防范措施和策略 (4)

1.4本次毕业设计的任务 (6)

第2章网络攻击技术研究 (7)

2.1网络攻击 (7)

2.2网络攻击模型概述 (13)

2.3几种典型的攻击模型 (14)

2.3.1攻击树模型 (14)

2.3.2特权图模型 (15)

2.3.3攻击图模型 (15)

2.3.4供/需模型 (16)

2.3.5基于Petri网的模型 (16)

第3章典型网络攻击与防范技术研究 (18)

3.1Web欺骗攻击 (18)

3.2分布式拒绝服务攻击 (19)

3.3缓冲区溢出攻击 (22)

3.4IP地址欺骗 (25)

3.5网络监听 (27)

3.6电子邮件攻击 (29)

第4章基于拒绝服务攻击的实现与防御策略的分析 (32)

4.1拒绝服务攻击原理 (32)

4.2基于拒绝服务的SYN Flood攻击的实现 (36)

4.2.1SYN Flood攻击实现功能 (37)