Font Size: a A A

Research On Advanced Evasion Technology And Design Of Safety Test Instruments

Posted on:2019-11-09Degree:MasterType:Thesis
Country:ChinaCandidate:Y B XuFull Text:PDF
GTID:2428330548470537Subject:Engineering
Abstract/Summary:PDF Full Text Request
In today's society,almost all groups will purchase network security devices to ensure the security of their virtual data.Since network security device vendors allways track network threats and upgrade devices,it also makes it easier and more efficient to install and use network security devices at network borders than to uniformly implement certain security measures for each computer under the name.And,which leads to insufficient attention to the protection of a single computer.It is precisely in this situation that advanced evasion techniques(AET)are sought after by cyber malicious attackers.On the one hand,existing network security devices will be included in the signature database soon after the 0-day vulnerability is revealed,causing the available vulnerabilities fewer and fewer.On the other hand,AET can disguise the data stream,and can mask the original data features of exploit code.With this technology,some classic exploit codes that have disappeared because of its features being recorded into network security devices have restored the threats of the past,and brought new challenges to the existing network security management.In view of this,this paper studies the principles and features of AET,carrying out secondary development based on the open source software Metasploit and fragroute,has designed and initially implemented a model that can be used to detect network security devices against AET.This type of safety test instrument is intended to raise public awareness of AET and make appropriate preparations as soon as possible.Moreover,this paper has studied the structure framework of Metasploit and fragroute software,and has encoded in Metasploit to achieve "Eternal Blue" that received wide attention last year.In addition,two new evasion technology modules,tcp seq and tcp_paws,were added to the fragroute.After the main body of the security test instrument is implemented,this paper uses the existing equipment to test the function of the instrument and verify the effectiveness of the instrument function.The test shows that this type of test instrument can effectively test whether existing safety protection equipment can withstand AET,and has certain practical application significance.
Keywords/Search Tags:Network protection equipment, metasploit, fragroute, Safety test instrument, Advanced evasion techniques
PDF Full Text Request
Related items