| ARP deception and PPPoE deception are common but serious networksecurity issues. Defects of the two network protocols caused by earlier imperfect design leadto severe damage. Although the research on ARP and PPPoE deception has made certainachievements, because of the defects of the two network protocols themselves, the attackbased on them is still hard to prevent and still the hot research era of contemporary networksecurity issues.The thesis briefly introduces and analyzes the principles, defects and relevant solutionsof these network protocols and then develops a new system on attack based on ARP andPPPoE and the relevant prevention technology. Through comparing with pre-existingimprovements and detection methods, some suggestions are proposed about differentapplicable areas of different methods.Layout of the thesis:Firstly, the thesis introduces the network security situation in China and reviews theoverseas and domestic research status of ARP and PPPoE. Through analyzing the principlesof ARP and PPPoE and the process of implementation of attack and deception, the thesisproposes to develop a new system on attack based on ARP and PPPoE and the relevantprevention technology and provides specific scheme and implement plan on simulating,detecting and preventing the deception. The scheme and plan is proved practical by followingtests.Secondly, about the attack of ARP and PPPoE and the relevant prevention, the thesis usesthe driver development of WINPCAP and NDIS as a basis and proposes to extend the Passthru routine in NDIS to develop filter driver to filter the intermediate layer of ARPpacket. The thesis also proposes to develop a user program, using VC++6.0as programmingtool to carry out a deceptive act by forging ARP request and sending reply packet and todetect the position of the attack host of ARP deception. As for PPPoE, through analyzing thelogin procedure of a PPPoE, the thesis discuss how to program in the disguise of PPPoEnetwork access server and use PAP certification to seduce the user to send his own internetaccount and password to local machine. In this way, the deception of capturing user’s accountand password is realized.Last but not at least, about the system of the attack based on ARP and PPPoE and therelevant technology, the thesis discusses how to use virtual machine and the set-upexperiment environment to test filter driver of ARP packet and other functions andperformances of the system. Using various functions of the system, the pre-existing methodsof detecting and prevention of ARP and PPPoE are analyzed, tested and compared. After that,the thesis proposes to compare the applicable environment of these detection and preventionmethods. Through analyzing the tests, some suggestions about different applicable areas ofdifferent solutions of problems of ARP and PPPoE deception are concluded. |
PDF Full Text Request