Internet网络攻击与抵御的层次化分析

TCP／IP协议是Internet网互联的基础，TCP／IP的安全性直接关系到Internet网和系统的安全。TCP／IP的层次不同．提供的安全性也不同。根据TCP／IP的分层模型，本文采用层次化分析的方法对其各个层次上可能存在的非法攻击进行了详细的分析．并给出了相应的安全抵御防范措施。     

Architecture for a hardware-based, TCP/IP content-processing system

The transmission control protocol is the workhorse protocol of the Internet. Most of the data passing through the Internet transits the network using TCP layered atop the Internet protocol (IP). Monitoring, capturing, filtering, and blocking traffic on high-speed Internet links requires the ability to directly process TCP packets in hardware. High-speed network intrusion detection and prevention systems guard against several types of threats. As the gap between network bandwidth and computing power widens, improved microelectronic architectures are needed to monitor and filter network traffic without limiting throughput. To address these issues, we've designed a hardware-based TCP/IP content-processing system that supports content scanning and flow blocking for millions of flows at gigabit line rates. The TCP splitter2 technology was previously developed to monitor TCP data streams, sending a consistent byte stream of data to a client application for every TCP data flow passing through the circuit. The content-scanning engine can scan the payload of packets for a set of regular expressions. The new TCP-based content-scanning engine integrates and extends the capabilities of the TCP splitter and the old content-scanning engine. IP packets travel to the TCP processing engine from the lower-layer-protocol wrappers. Hash tables are used to index memory that stores each flow's state.     

一种使用TCP/IP协议实现无线传感器网络互连的新型设计

传统的TCP/IP协议栈由于规模庞大而不能用于资源有限的无线传感器网络,在分析无线传感器网络环境的基础上,研究针对无线传感器节点的TCP/IP协议栈的设计,引入协议的头标压缩技术,提出一种采用两种节点、两种栈设计的新型模型.模型中除普通节点外附加了少量的超级节点,普通节点采用压缩TCP/IP协议,超级节点实现压缩和标准TCP/IP协议之间的转换,并保证每一个节点与外部Internet高效无缝的连接.     

在TCP/IP协议支撑之上的Windows Socket应用开发

Ｉｎｔｅｒｎｅｔ日益成为信息时代的支住产业,它所采用的协议就是著名的ＴＣＰ／ＩＰ协议。Ｗｉｎｄｏｗｓ Ｓｏｃｋｅｔ（简称ＷｉｎＳｏｃｋ）是在Ｗｉｎｄｏｗｓ平台下用ＴＣＰ／ＩＰ协议开发网络应用程序的编程接口。本文将详细介绍在ＴＣＰ／ＩＰ协议支撑之上的ＷｉｎＳｏｃｋ编程接口原理以及利用ＷｉｎＳｏｃｋ开发网络应用程序的流程、技术。     

用于TCP/IP减荷的智能网卡的设计与实现

TCP/IP减荷的目的是为了将系统主处理器从用于协议处理的繁重的内核中断服务中解脱出来。从对TCP/IP减荷的需求出发，分析了TCP/IP减荷在设计方面的要求，进而设计并实现了一种用于TCP/IP减荷的智能网卡。     

利用防火墙技术处理局域网安全漏洞

因局域网越来越多地遭到黑客的攻击，其安全性成为一个至关重要的问题。本文基于网络体系结构、TCP／IP协议存在安全漏洞、防火墙技术的分析和探讨，指出防火墙技术能处理许多TCP／IP协议的安全漏洞     

Modeling the Internet congestion control using a Smith controller with input shaping

The Internet has shown a great capability of endless growing without incurring congestion collapse. The key of this success lies in its TCP/IP congestion control algorithm. In this paper, we use control theoretic analysis to model the Internet flow and congestion control as a time delay system. We show that the self-clocking principle, which is known to be a key component of any stable congestion Internet control algorithm, corresponds to implement a simple proportional controller (P) plus a Smith predictor (SP), which overcomes feedback delays that are due to propagation times. Different variants of TCP congestion control algorithms, such as classic TCP Reno or the recent Westwood TCP, can be modeled in a unified framework by proper input shaping of the P+SP controller structure. Finally, we show that controllers that do not implement the Smith predictor, such as proportional (P) controllers or proportional+derivative+integral (PID) controllers, provide an unacceptable sluggish system because they do not implement dead-time compensation.     

TCP is Competitive with Resource Augmentation

The well-known Transport Control Protocol (TCP) is a crucial component of the TCP/IP architecture on which the Internet is built, and is a de facto standard for reliable communication on the Internet. At the heart of the TCP protocol is its congestion control algorithm. While most practitioners believe that the TCP congestion control algorithm performs very well, a complete analysis of the congestion control algorithm is yet to be done. A lot of effort has, therefore, gone into the evaluation of different performance metrics like throughput and average latency under TCP. In this paper, we approach the problem from a different perspective and use the competitive analysis framework to provide some answers to the question “how good is the TCP/IP congestion control algorithm?” We describe how the TCP congestion control algorithm can be viewed as an online, distributed scheduling algorithm. We observe that existing lower bounds for non-clairvoyant scheduling algorithms imply that no online, distributed, non-clairvoyant algorithm can be competitive with an optimal offline algorithm if both algorithms were given the same resources. Therefore, in order to evaluate TCP using competitive analysis, we must limit the power of the adversary, or equivalently, allow TCP to have extra resources compared to an optimal, offline algorithm for the same problem. In this paper, we show that TCP is competitive to an optimal, offline algorithm provided the former is given more resources. Specifically, we prove first that for networks with a single bottleneck (or point of congestion), TCP is ${\mathcal{O}}(1)The well-known Transport Control Protocol (TCP) is a crucial component of the TCP/IP architecture on which the Internet is built, and is a de facto standard for reliable communication on the Internet. At the heart of the TCP protocol is its congestion control algorithm. While most practitioners believe that the TCP congestion control algorithm performs very well, a complete analysis of the congestion control algorithm is yet to be done. A lot of effort has, therefore, gone into the evaluation of different performance metrics like throughput and average latency under TCP. In this paper, we approach the problem from a different perspective and use the competitive analysis framework to provide some answers to the question “how good is the TCP/IP congestion control algorithm?” We describe how the TCP congestion control algorithm can be viewed as an online, distributed scheduling algorithm. We observe that existing lower bounds for non-clairvoyant scheduling algorithms imply that no online, distributed, non-clairvoyant algorithm can be competitive with an optimal offline algorithm if both algorithms were given the same resources. Therefore, in order to evaluate TCP using competitive analysis, we must limit the power of the adversary, or equivalently, allow TCP to have extra resources compared to an optimal, offline algorithm for the same problem. In this paper, we show that TCP is competitive to an optimal, offline algorithm provided the former is given more resources. Specifically, we prove first that for networks with a single bottleneck (or point of congestion), TCP is O(1){\mathcal{O}}(1)-competitive to an optimal centralized (global) algorithm in minimizing the user-perceived latency or flow time of the sessions, provided we allow TCP O(1){\mathcal{O}}(1) times as much bandwidth and O(1){\mathcal{O}}(1) extra time per session. Second, we show that TCP is fair by proving that the bandwidths allocated to sessions quickly converge to fair sharing of network bandwidth.     

Improved WWW multimedia transmission performance in HTTP/TCP overATM networks

Transmission control protocol/Internet protocol (TCP/IP) is the de facto standard of the networking world. It dynamically adjusts routing of packets to accommodate failures in channels and allows construction of very large networks with little central management. But IP packets are based on the datagram model and are not really suited to real-time traffic. In order to overcome the drawbacks, a new network technology, ATM, is proposed. ATM provides quality of service (QOS) guarantees for various classes of applications and in-order delivery of packets via connection oriented virtual circuits. Unfortunately, when ATM is to be internetworked with the existing network infrastructure, some special signaling, addressing and routing protocols are needed. IP over ATM is one of the methods proposed by IETF. It allows existing TCP/IP applications to run on ATM end-stations and ATM networks to interconnect with legacy LAN/WAN technologies. But the performance of TCP/IP over ATM leaves something to be desired. Partial packet discard (PPD) and early packet discard (EPD) are two schemes to improve its performance. This paper proposes a “selective packet retransmission” scheme for improving HTTP/TCP performance when transmitting through ATM networks. In selective packet retransmission, we take advantage of the property of humans' perception tolerance for errors to determine whether to retransmit a corrupted TCP segment or not. For lossable data, such as images, when an error occurs because of cell losses, it will not be retransmitted. The simulations show that, for the same buffer size and traffic load, selective packet retransmission performs better than PPD, EPD, and plain TCP over ATM     

Towards a Complete SNMP-Based Supervision of System-on-Chips

This work proposes an adaptation of classical network management protocols for the purpose of a deep testing and management of network-based electronic systems such as routers, switches, and personal computers. The basic idea of this work is to extrapolate the advantages of network management functions (monitoring, control, test…) to the level of an electronic device. To this end, the proposed approach starts very early in the design process of integrated circuits where the concept of managed integrated circuit is introduced. A widely known design-for-test (DFT) technique is extended to render it useful through classical TCP/IP networks. The suggested solution is described and its efficiency is illustrated through extensive experimentations.     

IIS中虚拟主机业务的配置和管理

在一般学校现有的局域网基础上,按照Internet的TCP/IP协议,建立Web站点和DNS、FTP、MAIL等服务器,模拟Internet的功能,可使学生得到建立、管理网站的经验。     

Data packet intercepting on the internet: How and why? A closer look at existing data packet-intercepting tools

The Internet constitutes a means of communication in terms of which millions of messages and huge chunks of data are electronically sent millions of miles across the globe each day thanks to the Transmission Control Protocol/Internet Protocol (TCP/IP). One of the functions of the TCP/IP is to break up each of these messages into smaller entities of equal length. Such an entity is known as a ‘datagram’ or a ‘data packet’. The Internet, however, already disposes of many tools/applications that can intercept a TCP/IP datagram. The reasons for intercepting a TCP/IP datagram vary from application to application. Some applications, for example, intercept a data packet or datagram to execute harmful effects on it, mostly to terrorize the sender and/or the receiver of such packet or datagram. Some applications, on the other hand, might want to monitor a packet or datagram for security reasons. Still other applications might merely want to intercept a data packet or datagram to manage flow control and other network-management aspects. Packet intercepting can, therefore, be a useful tool in any TCP/IP-based application aimed at monitoring or intercepting TCP/IP data packets or datagrams.     

流媒体技术及其开发方法

随着Internet技术的迅速发展,各种各样的网络多媒体应用层出不穷,其中以流媒体技术为背景的应用发展最为迅速,其目的在于缩短客户对多媒体数据回放的等待时间和为用户提供较好的服务质量,深受教育和视频监控行业的青睐。文中主要论述了流媒体技术、原理及其在网络上传送时所使用的RTP/RTCP协议,并与传统的TCP/IP传输协议进行了详细的比较,进一步阐明了RTP/RTCP协议所具有的优势。同时介绍了微软公司最新推出的基于COM技术的流媒体应用开发工具DirectShow,利用它可以大大缩短流媒体应用的开发周期。文中结合一个简单的例子说明了它一般的使用方法。     

基于TCP/IP的智能终端接入技术

阐述了现有各种嵌入式系统的互联网接入方案，分析和比较了各种接入方式的优缺点后，重点阐述了一种基于TCP／IP的智能终端接入技术方案。     

基于Ethernet的嵌入式测控系统的设计

在分析工业控制网络发展趋势、嵌入式以太网接入Internet网络数据传输需要的协议的基础上,针对现场总线通信方式的不足,设计了一个基于Ethernet的嵌入式测控系统。文章阐述了系统的设计方案,在硬件电路设计上,重点介绍了测控系统数据采集节点设计和以太网通信接口电路的设计;在软件系统设计上,提出测控终端软件设计方案,并实现了基于TCP／IP协议栈的网络通信设计。实际使用表明,该系统运行灵活、可靠、稳定,可直接使用企业内部的Intranet信息网,也可直接接人现行的公共Internet网络。     

TCP／IP拥塞控制研究

综述了Internet上TCP／IP拥塞控制研究方面一些最新的工作,分析了拥塞控制的原理、TCP／IP拥塞控制所使用的典型技术,并着重论述了TCP／IP拥塞控制所面临的问题,这包括自相似性问题、效率问题、公平性问题、算法改进、区分服务和多点广播中拥塞控制和TCP／IP在特殊网络（ATM网和卫星网）上拥塞控制等问题,并提出了其进一步的研究方向。     

嵌入式Internet中TCP／IP协议栈的研究与设计

目前大多数嵌入式设备是8位或16位的MCU,要将Internet与嵌入式设备进行结合,其主要困难在于,相对于8／16位低速处理器本身资源的限制,Internet的TCP／IP协议簇过于复杂,因此不可能实现完整的TCP／IP协议栈,必须根据实际需求进行精简。针对8位或16位的低档MCU接入Internet,采用MCU＋软件嵌入TCP／IP协议的方法加以实现。对嵌入式Internet中TCP／IP协议栈的实现进行了研究与分析,针对每一层的具体协议,提出了设计方法和精简方案。由于嵌入式设备自身资源的限制,使得在嵌入式Internet中TCP／IP协议栈的实现存在功能简单、安全性不高等问题。但是随着嵌入式硬件设备和Internet技术的不断发展,嵌入式TCP／IP协议栈的实现也将会越来越完善。     

TCP over satellite...the final frontier

Communication satellites are now being used to transport TCP/IP traffic between distant locations, and to offer Internet access. Satellites have thus become the celestial link of the Internet, an “instant” infrastructure in the sky. The rapid growth of satellite communications is evolving the TCP/IP protocol suite in positive ways. In particular, enhancements to the Transmission Control Protocol (TCP) to address the challenges of satellite transmission will benefit all high-bandwidth TCP communications. TCP is the predominant unicast transport protocol used by Internet applications such as Telnet, FTP, and HTTP. The ability of TCP to maximize the link utilization of a satellite channel is being challenged by the inherent delays associated with space communications and some of TCP's own behaviors. The author discusses the basics of using TCP for satellite transmission and describes the changes you can expect to see in the TCP protocol itself as a result of the increase in use of satellites for TCP/IP traffic     

High performance mobility without agent infrastructure for connection oriented service

Currently it is very difficult for connection oriented applications to use a mobile environment. One reason is that Mobile IP requires intermediate software agents to be deployed in the Internet. This infrastructure based mobility scheme offers connectivity to itinerant hosts but incurs significant handoff and tunneling delays along with deployment costs. These delays are particularly harmful for connection oriented applications. In this paper we investigate an alternate mobility scheme which does not require any such infrastructure but only uses an end-point technique and interestingly provides much faster loss-free handoff for connection oriented applications. This End-to-End scheme named Interactive Protocol for Mobile Networks (IPMN) intelligently performs handoff based on information provided by MAC Layer. The network address change is handled by renewing the existing connections by manipulating the TCP/IP stack at the end-points. Also, unlike several other recently proposed end-to-end techniques which require extensive modification of end-protocols, the proposed scheme does not require any functional change in the TCP/IP protocol software. Besides the difference in deployment scenarios, the IPMN offers blazingly fast event based handoff and much faster and simplified transport (no tunneling delay) than MIP. We have implemented IPMN over FreeBSD. In this paper we show the performance advantage of IPMN over MIP with real deployment for three interesting real-time traffic types — www, voice streaming and, steerable/interactive time critical video.     

嵌入式WEB中TCP／IP协议栈的设计与实现

嵌入式TCP／IP协议栈能扩展非智能设备的网络功能，是信息智能化的一种有效手段。本文从嵌入式WEB服务器入手，分析了嵌入式TCP／IP协议栈特点，并着重探讨了ARP、IP、ICMP和TCP等协议的实现。