攻击技术分类研究

血色＠风寒
0 ℃
2021-03-22

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

100871zhugejianwei@icst.pku.edu.cnTP393ResearchonClassificationofAttackTechnologiesZHUGEJian-wei,YEZhi-yuan,ZOUWei(InstitueofComputerSceinceandTechnology,PekingUniversity,Beijing100871,China)Abstract:Forthegoalofsystemizeanattackknowledgebasewhichprovidesknowledgeforintrusiondetectionandprevention,theclassificationofattacktechnologiesisresearchedfromthepointofviewofattackers,andaclassificationtaxonomywhichaccordswiththeclassificationcriterionsisproposed,furthermore,eachtypeofattacktechnologyisintroducedinsummary.Keywords:networksecurity;attack;classification(1980~)100871Emailzhugejianwei@icst.pku.edu.cn1InternetInternetInternetP2DR[1]2SnortAmoroso[2]6Lindqvist[3]MITDARPA[4]131ProbeExploitConceal3.1DNSPingnmapnetcatnessusISSScanner3.2Exploit3.2.1Win32IKSpromiscuousUnixlibpcaptcpdumpdsniffWin32WinPcapwindumpdsniffforWin32snifferSnifferProWin9xPWLWinNT/2000SAMUnix/etc/password/etc/shadow3.2.2JohntheRippleCrackWin32L0phtcrackIPARPRIPIPIPIPUnixIPrloginrshTCPTCPACKACKTCPJuggernautHuntARPIPMACARPARPARPRIPv1v216RIP3.2.3DDoSPingofDeathIPIPTreadropSmurfpingpingCPUSynFloodsyn2DDoSDDoSDDoSfloodDDoSTFNTribeFloodNetworkTFN2KTrinooWinTrinooStacheldraht3.2.41988Morris199611AlephOneSmashingTheStackForFunandProfit[5]ShellCodeUnixApacheWuftpdSendmailOpenSSHWin321999IIS4.0darkspyritAKABarnabyJackPhrackMagzine55DLLjmpespShellcodeWin32WindowsCode-RedSQL.SlammerBlasterSasser1996PHFPHFApacheWebCGIWebIDWin32AdministratorLSALocalSecurityAuthorityUnixSUIDXWindowxhost3.3rootUnixzap,wzap,wtedremoveBOBackOrificenetbusTCP/IPnetcatknarkforLinuxLinuxRootKitWin32NT/2000rootkit…DDoSFlood2DDoS3.4Agent1988Morris2001Code-Red2003SQLSlammerBlaster2004SasserNimdaIIS4DARPA199962[4]1Amoroso[2]65Pingipsweepportsweep,resetscanquesosatan,mscanls,ntinfoscanxsnoopillegalsniffersecretsnmpget,ncftpguest,guessftp,guesstelnet,guesspop,dictsshtrojan,ppmacro,xlock,sechole,casesen,framespooferarppoison,httptunnelsmurf,udpstormmailbomb,processtable,sshprocesstable,neptune,apache2,backcrassiis,land,treadrop,dosnuke,pod,syslogd,selfping,warezmaster,warezclienttcpresetsendmail,imap,named,eject,ffbconfig,fdformat,xterm,loadmodulephfpsftpwrite,yaga,ntfsdos,anypw,perl,sqlattacknetcat,netbus1Darpa1999IDS[1],,..,2004,41(7).(ZhugeJW,XuH,PanAM,Anattackknowledgemodelbasedonobject-orientedtechnology.JournalofComputerResearchandDevelopment,2004,41(7).)[2]AmorosoEG,Fundamentalsofcomputersecuritytechnology.EnglewoodCliffs(NewJersey):PrenticeHall,1994.[3]LindqvistU,JonssonE,Howtosystematicallyclassifycomputersecurityintrusions.InProceedingsofthe1997IEEESymposiumonSecurityandPrivacy,Oakland,CA,IEEEComputerSocietyPress,1997,154~163.[4]KendallK,Adatabaseofcomputerattacksfortheevaluationofintrusiondetectionsystems[Masterthesis],DepartmentofElectricalEngineeringandComputerScience,MassachusettsInstituteofTechnology,1999.[5]AlephOne,Smashingthestackforfunandprofit,PhrackMagazine,7(49),November1996.[6]DarkSpyritAKABarnabyJack,Win32bufferoverflows(location,exploitationandprevention),PhrackMagazine,55(15),May2000.