| 基于TCP协议的网络数据实时篡改 |
| |
| 引用本文: | 金瓯,施勇,薛质.基于TCP协议的网络数据实时篡改[J].信息安全与通信保密,2010(4):74-77. |
| |
| 作者姓名: | 金瓯 施勇 薛质 |
| |
| 作者单位: | 上海交通大学信息安全工程学院,上海,200240 |
| |
| 摘 要: | 首先对网络数据实时篡改作了定义,指出攻击者介入通信双方是实行实时篡改的前提,并提出了数种攻击者介入通信的方式。随后从基于“替换-转发”现有数据包的机制到赋予攻击者主动发包能力的模拟TCP协议栈方式,层层递进,不断提出各种方法,同时指出其局限性,并针对性地修正和完善了实时数据篡改的实现手段。该部分的末尾对先前提出的方法作出了总结。最后从不同的方面提出了对于数据实时篡改的防御措施。
|
| 关 键 词: | 实时 篡改 TCP/IP协议 TCP序列号/确认号 替换-转发 |
Real-time Replacement of Network Data Packets Based on TCP and Its Defense Measures |
| |
| JIN Ou,SHI Yong,XUE Zhi.Real-time Replacement of Network Data Packets Based on TCP and Its Defense Measures[J].China Information Security,2010(4):74-77. |
| |
| Authors: | JIN Ou SHI Yong XUE Zhi |
| |
| Affiliation: | JIN Ou,SHI Yong,XUE Zhi (School of Information Security Shanghai Jiaotong University,Shanghai 200240,China) |
| |
| Abstract: | The article first defines the meaning of real-time replacement of network data packets, and then describes the methods of attacker involvement. It mainly discusses step by step the methods of correctly achieving the real-time replacement, from the mechanism of replace-forward to the simulation of TCP/IP stack. Finally some defense measures against the real-time replacement are provided. |
| |
| Keywords: | real-time replacement TCP/IP TCP SEQ/ACK repalce-forward |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
