Research Of Network Intrusion And Defence Based On Windows

With the rapid development of Internet, network becomes the most primary tool of information interchanging step by step. In the recent years, some new network transitions' emergence such as Electronic Commerce, Mobile Payment and so on bring forward a high-level network security demand; at the same time attacks never stop, however they become stronger and stronger. For that network security research becomes another new hot point.Practical network protocol standard-TCP/IP is an absolutely open protocol group. At the beginning of design, engineers neglected security problems. So there are a lot of hidden troubles in the TCP/IP protocol group. Though many security protocols provide kinds of security services for users, they don't solve problems thoroughly. Now network security problems restrict the network development heavily.The main purpose in the paper is exposing holes in protocols, using them to attack network and giving schemes for defending attacks.This thesis begins to do some research about ARP(Address Resolution Protocol), analyzes the reason: dynamic binding without authentication; and provides an application model for illustration "ARP spoofing, sniffer and defence". This model is completed through a single network driver with Visual C++6.0 as my development tool. Besides, fundamental theory and message of several common protocols in the TCP/IP groups are analyzed. The paper also talks about hidden troubles in TCP/IP, gives particular explanation on the most rife attacking methods and corresponding defence, analyzed Winpcap(Windows packet capture) driver in detail.The content of this paper contains:Chapterl, introduction, focuses on the background and content of network security.Chapter2, the base structure of the TCP/IP protocol group, and some technology about Ethernet.Chapters, introduces several methods in intrusion(such as Denial of Service, Sniffer, ARP spoofing) and tells how to prevent against them.Chapter4, studies Winpcap, NDIS(Network Driver Interface Standard) and network communication structure.Chapters, brings forth a model for illustration "ARP spoofing, sniffer and defence".These research results principally enact a reference role for the later in the network security world, especially in network management and design of protocol analysis.