Title: A Gateway Incorporated with a Defense System for Network Security
Author: Feng, Chung-Hsin (馮忠信)
Keywords: Gateway; Network Security; Linux Security Module (LSM)
Publisher: Department of Electrical Engineering
With the rapid growth of the Internet, more and more applications are built on top of the network. As network use becomes more widespread, however, network attacks arise one after another, so the security of systems must be strengthened to avoid intrusion or attack. In particular, as more devices gain the ability to connect to the Internet, gateways are needed to link them together and share Internet resources, so the security of the gateway itself also demands closer attention. The Linux Security Module (LSM) is an interface between the kernel API and user applications; by loading a module, it lets a security mechanism of our own design be integrated into the kernel. This system uses the function pointers that LSM exposes, called security hooks, to build defense mechanisms against backdoor programs, worm attacks, port scans and SYN flooding attacks, and implements them on the IXDPG425 platform, which also provides NAT and DHCP functions. Run-time information and the results of the defenses are logged as well, so that administrators can consult and query them.
Other identifier: U0005-1107200618214600
Appears in Collections: Department of Electrical Engineering
