摘要
基于主动、被动探测攻击目标并分析其数据报的网络特征值,可以得出攻击目标的操作系统类型等重要信息,进而得出与之相关的系统漏洞,为入侵和攻击提供重要依据。提出的网络伪装模型中,通过对数据报报头网络特征值进行被动、主动伪装,可以有效防御针对网络特征值的主动、被动探测,实现隐藏攻击目标的真正网络特征信息,进而避免基于系统漏洞的攻击入侵。基于该模型实现的原型系统实验表明,该伪装模型能够很好地隐藏网络特征值。
By analyzing the networking character values actively and passively,attacker can get a lot of information about target host,such as the type of operating system.And follow these information,they can guess the system vulnerability.So these transparent values are very useful for the successful attack and intrusion process.In order to resolve above problems,this paper presents the network camouflaging model,which is based on the principle of camouflaging.Active camouflaging for network session is used to defeat the passive sniffle and detection,and passive camouflaging is used to defeat the active detection.As a result,the real network character values are hided and the camouflaged values are presented for the attacker.The experiment shows that the real networking character values are hided successfully.
出处
《计算机工程与应用》
CSCD
北大核心
2008年第3期10-13,共4页
Computer Engineering and Applications
基金
国家自然科学基金(the National Natural Science Foundation of China under Grant No.60503008)
关键词
网络伪装
网络特征值
网络探测
network camouflaging
networking character value
network detection
