| Much attention has been increasingly paid to network information security problems. Vulnerability analysis focuses on prevention. It is a necessary measure to solve network security problems. IP traceback aims to trace attacks to their origins, and plays a significant role in proactive defense. In the thesis, research on network vulnerability analysis and IP traceback is discussed.Under the background of "IP network topology and analysis of performance based on network detection" supported by NSFC, Distributed Network Measurement and Analysis Infrastructure (DNMAI), the cooperant result of our workgroup, is discussed, and also the significance of network vulnerability analysis and IP traceback research in DNMAI; Several existing advanced vulnerability analysis methods and models are compared and summarized. Advantages and disadvantages of each technique are discussed in detail. A new vulnerability analysis method based on study of vulnerability quantitative analysis system proposed by workgroup is described aiming at the limitation of current network vulnerability analysis technique, and has improvements and enhancements comparing with current analysis technique. Network scanning is one of the methods of data acquisition in DNMAI, scanning result is some fundamental data for vulnerability analysis. Network scanner is designed and implemented.With multi-threading technology, scanning efficiency is promoted. Varies IP traceback algorithms are studied. On the basis of advanced marking scheme (AMS), two dimensional threshold reconstruction algorithm is given. With a scientifically definition to the threshold during reconstruction, process of traceback becomes more fast and effective. The distributed management reactive traceback infrastructure of the modified algorithm which applies to DoS attacks is given.
|
PDF Full Text Request