| Now the rapid development of computer network has great influence on people's daily life, and at the same time, the replacement of network data packets becomes a general attack method. The thesis first gives a definition of the real-time modification of data packets as well as points out its specialty comparing with other replacement methods. Since the modification makes the TCP status of the two communication sides disorder and thus negatively affects the normal interaction, we should take it into consideration. And we should also take action so that the replacement can be hidden from others.The first part of the thesis is a relatively detail introduction of TCP/IP stack, for the huge amount of discussion is based on it. And then, we raised four methods to go into the normal communication and forward the network data packets, which is the basis and the prerequisite of the real-time modification.And then the thesis raised a whole framework of replacement. we pointed out the strategies of transmit layer and the relative problems that the introduction of each strategy brought. So we rectified and improved the strategy to solve the problem in a higher level. And then, we raised some strategies of modification in application layer based on the transmit layer polices discussed before. Another important point is how to hidden the action of replacement from the two sides of normal communication, including how to keep the icon and the length of exe file. And last, we designed a core data structure, TCP table, to maintain multi-session modification of data packets. We also discuss the cache strategy of TCP table node. The thesis offered an implementation of the framework as well as a light-weighted control server on Linux platform. And at the end of the thesis, several defense and recognition methods are raised against the real-time modification. |
PDF Full Text Request