資訊管理學報
曹偉駿;黃偉智;蔡欣潔;
頁: 739-767
日期: 2012/10
摘要: 由於資訊的爆炸與科技的進步,網路的應用儼然與我們的生活產生了密不可分的關係,但是安全問題也隨之而起。雖然目前有許多的安全工具可以成功地偵測、攔截或者掃除某特定入侵行為,但卻少有工具可以在受到駭客未知型的攻擊入侵時,能及時做出適當的反應措施,其原因在於現行安全檢測工具大多採用資料庫特徵比對的方式進行檢測,所以才會造成無法及時偵測出未知型入侵攻擊的狀況,因此往往會錯失防護的時機與捕獲入侵者的機會。有鑑於上述安全檢測方法之缺失,本研究首先建立一個高誘捕率的無線誘捕系統(Wireless Honeypot),進而加入鍵擊側錄與弱點檢測模組,以求更加詳盡的收集與分析入侵者惡意行為,如此一來不僅能夠大幅降低入侵偵測的誤判與增加WLAN的安全性,更能在受到未知型的駭客入侵前進行防護,把所有可能造成的損失降至最低。
關鍵字: 網路安全;無線區域網路;誘捕系統;弱點檢測;
Abstract: With the information explosion and technological progress, the applications of networks have already been bound up with our daily life. Meanwhile, security problems have arisen following this. Although there are many security tools that can successfully detect, intercept or remove certain kinds of intrusions, few tools can give response and find solutions promptly when the system is being attacked and intruded by unknown hackers. Current security detection tools execute the detection mostly via the method of signature comparison, so that unknown attacks and intrusions cannot be detected in time. Therefore, opportunities to defend the system and to capture the intruders are likely to slip.In view of the defects of security detection tools mentioned above, this study will construct a wireless honeypot of high arrestment rate together with keyloggers and vulnerability scan modules in order to collect and analyze intruders' malicious behavior more exhaustively. In this way, the false positive rate of intrusion detection will be greatly reduced and the security of WLAN will be dramatically improved, and therefore the proposed protection mechanism can get underway before unknown hackers start to attack, by which potential losses will be minimized.
Keywords: Network Security;Wireless Local Area Networks;Honeypot;Vulnerability Scan;
瀏覽次數: 8920 下載次數: 134
引用 導入Endnote
頁: 739-767
日期: 2012/10
摘要: 由於資訊的爆炸與科技的進步,網路的應用儼然與我們的生活產生了密不可分的關係,但是安全問題也隨之而起。雖然目前有許多的安全工具可以成功地偵測、攔截或者掃除某特定入侵行為,但卻少有工具可以在受到駭客未知型的攻擊入侵時,能及時做出適當的反應措施,其原因在於現行安全檢測工具大多採用資料庫特徵比對的方式進行檢測,所以才會造成無法及時偵測出未知型入侵攻擊的狀況,因此往往會錯失防護的時機與捕獲入侵者的機會。有鑑於上述安全檢測方法之缺失,本研究首先建立一個高誘捕率的無線誘捕系統(Wireless Honeypot),進而加入鍵擊側錄與弱點檢測模組,以求更加詳盡的收集與分析入侵者惡意行為,如此一來不僅能夠大幅降低入侵偵測的誤判與增加WLAN的安全性,更能在受到未知型的駭客入侵前進行防護,把所有可能造成的損失降至最低。
關鍵字: 網路安全;無線區域網路;誘捕系統;弱點檢測;
Constructing Highly Secure Wireless Local Area Networks Based on Honeypot and Vulnerability Scan Techniques
Abstract: With the information explosion and technological progress, the applications of networks have already been bound up with our daily life. Meanwhile, security problems have arisen following this. Although there are many security tools that can successfully detect, intercept or remove certain kinds of intrusions, few tools can give response and find solutions promptly when the system is being attacked and intruded by unknown hackers. Current security detection tools execute the detection mostly via the method of signature comparison, so that unknown attacks and intrusions cannot be detected in time. Therefore, opportunities to defend the system and to capture the intruders are likely to slip.In view of the defects of security detection tools mentioned above, this study will construct a wireless honeypot of high arrestment rate together with keyloggers and vulnerability scan modules in order to collect and analyze intruders' malicious behavior more exhaustively. In this way, the false positive rate of intrusion detection will be greatly reduced and the security of WLAN will be dramatically improved, and therefore the proposed protection mechanism can get underway before unknown hackers start to attack, by which potential losses will be minimized.
Keywords: Network Security;Wireless Local Area Networks;Honeypot;Vulnerability Scan;
瀏覽次數: 8920 下載次數: 134
引用 導入Endnote