Research And Application Of Attack And Defense Technology Based On TCP/IP Protocol Vulnerabilities

Along with the continuous development of network technology and the rapid popularization of Internet, computer networks have been all over every corner of the world. However, the more society depends on the computer network, the greater risks it faces. Internet security issues become increasingly prominent, network attacks occur frequently and poses a serious threat to the economy of all countries over the world. The fundamental reason of network attacks is the inherently open design and default trust on the other nodes of the network protocol, which collectively called as the network protocol vulnerabilities. Network protocol vulnerabilities could cause the invasion and attack of information systems, and make the system's normal defense function fail or crash.This thesis first summarized research status and related key technologies, and determined the four typical protocol to be studied in structure of four-layer TCP/IP, that was ARP, IPv6 NDP, TCP and HTTP. Then analyzed the technical feasibility of attack technologies according to vulnerabilities of each protocol. Also, determined specific attack method for each protocol, namely ARP spoof, NDP spoof, RST attack and HTTP sniff. After summing up four common means of defense methods, analyzed the advantages and disadvantages of each defense method. Meanwhile, proposed four improved defense algorithms and analyzed the advantages of improved defense algorithms.At last, this thesis selected the appropriate test methods and set up a test environment for each proposed algorithm, and each improved defense algorithm has been tested. After debugging and testing, the algorithm is running stably and achieved the desired effect of defense, and completed all research objectives.The proposed algorithms ensure high performance, high compatibility, saving system resources and not affecting normal communications. Meanwhile, they ensure the security of each layer's protocol, and protect users from being disturbed by vulnerabilities. These algorithms have practical effect on defending network attacks and have a certain degree of academic value as well.