Design And Improvement Of Security For TCP Proxy Based On WAN Data Compression

With economic development and advancement of communication technology, networkcommunication between various enterprise or institutions and their remote branch is more and moreimportant and frequent. Between headquarters and branch or between each branch, it needs someservices such as Web, FTP and etc. Its requests are increasingly high for the network access speedand quality based on TCP protocol. According to this demand of user, TCP proxy combined withWAN data compression technology, not only has the traditional TCP proxy functionality, but alsoprovides transparent compression and transmission for TCP data stream through the WAN. Itenhances the WAN bandwidth utilization, and improves speed and stability of accessing server,meets the needs of enterprise and institutions.Some enterprises and institutions data involve commercial and research secrets, the existingTCP proxy technology is more concerned about data transmission rate and compression ratio, inaddition to high-performance proxy service,corporate and institutional users also attach greatimportance to the TCP proxy itself security and secure transmission of data. Therefore, the articleanalyzes and studies the existing TCP proxy security deficiencies, combines with attack preventionand data encryption transmission technology, improves and designs the existing TCP proxyarchitecture, provides a certain safety and reliability of TCP proxy technology based on WAN datacompression. On the basis of original proxy, this kind of TCP proxy with better safety, byintroducing a SYN cookie technology, improves the existing TCP packet processing, designs anddevelops detection and defense function, enhances the prevention capability of SYN Flood attack.Furthermore, it adopts OpenSSL technology based on SSL protocol, modifies and implements newdictionary channel, protects dictionary synchronization information transmission via WAN,effectively improves security of data transmission, reduces the possibility of critical data leakinessin the WAN.Test results show that new TCP proxy technology based on WAN data compression caneffectively prevent SYN Flood attack from threatening TCP proxy, and improve security of datatransmission, achieve a good balance between proxy security and compression transmission rate.