簡易檢索 / 詳目顯示
| 研究生: |
王劭文 Wang, Shau-Wen |
|---|---|
| 論文名稱: |
在無線區域網路下使用ICMP與ARP回覆之ARP欺騙輕量化偵測機制 A Lightweight ARP Spoofing Detection Mechanism Using ICMP and ARP Replies in WLAN |
| 指導教授: |
林輝堂
Lin, Hui-Tang |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 電腦與通信工程研究所 Institute of Computer & Communication Engineering |
| 論文出版年: | 2017 |
| 畢業學年度: | 105 |
| 語文別: | 英文 |
| 論文頁數: | 57 |
| 中文關鍵詞: | 無線網路 、位址解析協議欺騙 、中間人攻擊 、黑洞攻擊 |
| 外文關鍵詞: | Wi-Fi, ARP Spoofing, Man-in-the-Middle attack, Black Hole attack |
| 相關次數: | 點閱:115 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
隨著網路技術的進步以及智慧型手機和平板電腦的普遍,我們的生活環境中有越來越多的行動上網裝置,也因此許多的公共場合都裝設有無線網路分享器,提供使用者網路服務,舉凡辦公室、咖啡廳以及機場等等,幾乎任何室內都有無線網路的訊號覆蓋,讓所有要使用行動裝置上網的使用者能夠很方便的使用,但也因為有許多的公開無線網路是未加密的,讓惡意的使用者有機可乘,進行各種無線網路的攻擊,讓許多使用者把自己的個人隱私資料暴露在公開的環境下而不自覺。這些攻擊中又以位址解析協議欺騙最為常見,是許多後續攻擊的前導點,這些後續攻擊包括:中間人攻擊、服務阻斷攻擊(黑洞攻擊、封包捨棄攻擊)、連線劫奪攻擊‧‧‧等等。因此,本論文會提出一個針對位址解析協議欺騙的偵測演算法,此演算法改善了一些現存演算法的缺點,並且實做出位址解析協議攻擊,透過實際的攻擊去驗證本論文題出的偵測演算法之有效性。最後,本論文會執行實做在實際環境中的情況,證實所提出的偵測演算法之有效性。
With the proliferation of handheld mobile devices nowadays, users expect to be able to access the Internet and its services anytime and anywhere. Consequently, Wi-Fi networks have become ubiquitous. However, most Wi-Fi APs are not encrypted, with the result that malicious users can easily hijack the network for their own nefarious purposes. ARP spoofing is a particularly common form of attack in which a malicious actor impersonates a legitimate user in order to facilitate further illegitimate activities such as man-in-the-middle attacks, denial of service attacks, session hijacking, and so on. To combat the threat posed by such attacks, this thesis proposes a lightweight ARP spoofing detection mechanism based on the ARP and ICMP replies in a WLAN network and implements ARP Spoofing to proof the correctness.
[1] http://www.independent.co.uk/life-style/gadgets-and-tech/news/wifi-hotpots-coffee-shop-dangerous-security-risk-report-a7750091.html
[2] Joshua J. Pauli, Patrick H. Engebretson, Michael J. Ham, and MarcCharles J. Zautke, “CookieMonster: Automated Session Hijacking Archival and Analysis,” 2011 Eighth International Conference on Information Technology: New Generations, pp. 403-407, 2011
[3] https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project
[4] https://www.symantec.com/content/dam/symantec/docs/reports/2017-norton-wifi-risk-report-global-results-summary-en.pdf
[5] https://en.wikipedia.org/wiki/ARP_spoofing
[6] https://en.wikipedia.org/wiki/Man-in-the-middle_attack
[7] https://en.wikipedia.org/wiki/Black_hole_(networking)
[8] https://www.whitehatsec.com/glossary/content/denial-service
[9] https://www.trendmicro.com/vinfo/us/threat-encyclopedia/archive/security-advisories/arp%20flooding%20attack
[10] http://devco.re/blog/2014/06/03/http-session-protection/
[11] S. G. Bhirud and Vijay Katkar, “Light weight approach for IP-ARP spoofing detection and prevention,” 2011 Second Asian Himalayas International Conference on Internet (AH-ICI), pp. 1-5, 2011
[12] Alok Pandey and Jatinderkumar R. Saini, “ARP cache rectification for defending spoofing and poisoning attacks,” 2016 3rd International Conference on Compiting for Sustainable Global Development (INDIACom), pp. 3487-3492, 2016
[13] Ravi Raj Saini and Himanchu Gupta, “A security framework against ARP spoofing,” 2015 4th International Conference on Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions), pp. 1-6, 2015
[14] Xianging Hou, Zhiping Jiang and Xinli Tian, “The detection and prevention for ARP Spoofing based on Snort,” 2010 International Conference on Computer Application and System Modeling (ICCASM 2010), pp. 137-139, 2010
[15] Mohammed Abdulridha Hussain, Hai Jinm Zaid Alaa Hussien, Zaid Ameen Abduljabbar, Salah H. Abbdal and Ayad Ibrahim, “ARP Enhancement to Stateful Protocol by Registering ARP Request,” 2016 International Conference on Network and Information System for Computers (ICNISC), pp. 31-35, 2016
[16] http://www.xarp.net/
[17] D. Plummer. An Ethernet address resolution protocol, Nov. 0982. RFC 826
[18] T. Demuth and A. Leitner. ARP spoofing and poisoning: Traffic tricks. Linux Magazine, 56:26-31, July 2005
[19] https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
[20] Neha Agrawal, Bhale Pradeepkumar and Shashikala Tapaswi, “Preventing ARP Spoofing in WLAN using SHA-512,” 2013 IEEE International Conference on Computational Intelligence and Computing Research, pp. 1-5, 2013
[21] https://en.wikipedia.org/wiki/Secure_Hash_Algorithms
[22] Prerna Arote and Karma Veer Arya, “Detection and Prevention against ARP Poisoning Using Midified ICMP and Voting,” 2015 International Conference on Computational Intalligence and Networks, pp. 136-141, 2015
[23] Sumit Kumar and Shashikala Tapaswi, “A Centralized Detection and Prevention Technique Against ARP Poisoning,” 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), pp.259-264, 2012
[24] Haider Salim, Zhitang Li, Hao Tu, and Zhengbiao Guo, “Preventing ARP Spoofing Attacks through Gratuitous Decision Packet,” 2012 11th International Symposium on Distributed Computing and Applications to Business, Engineering & Science, pp. 295-300, 2012
[25] https://www.kali.org/
[26] https://docs.python.org/2.7/library
[27] https://www.youtube.com/watch?v=UW644VrL_q8
[28] https://www.youtube.com/watch?v=Gg_Rig4QjF4
[29] https://www.youtube.com/watch?v=0qI7hsNR6wk
[30] https://www.youtube.com/watch?v=yFWaQL6ibLY
[31] http://www.xarp.net/
校內:2019-09-08公開校外:不公開