| With the rapid progress of mobile internet,phishing attacks have been one of the most severe threats to Internet users in recent years.The current defensing methods of phishing attacks are mostly focusing on the web browser plugins,but the web browser plugins cannot monitor the network traffic flowing on smart phone and tablets and so on,such that they cannot blocking the phishing attacks on those platforms.Routers,as the key devices which enable families and people to access the Internet,has got a lot of popularity.Comparing with the web browser plugins,Routers,as the center of the home network traffic,can cover a more widely range of network traffic.Developing a defensing method of phishing attacks on routers can protect user's private information from leaking.However,there are a large amount of phishing sites and their survival time is short.Traditional routers can only set a limited and static filtering strategy,which cannot tackle with the changeable and considerable phishings sites efficiently.With the rapid development of Smart Routers,we can do some secondary development on them and make custom traffic filtering strategy possible.Facing with this situation,this paper has proposed a defensing strategy called "Register When Request,Block When Response" to counter phishing attacks.Based on Smart Router platform,this strategy makes the user's normal network communication and the security detection of the domain names work concurrently.After registering the necessary information of what the user has requested,the network communication will be continued,and the registered information will be detected concurrently.In terms of the characteristic of phishing attacks,if we can finish the detecting job before the response packets arrive at the smart router,we can block those response packets timly.Based on this strategy,this paper has designed and realized a network traffic monitoring and blocking system based on Smart Router.This system combines the smart router with cloud server,and makes the user's normal network communication and the security detection of the domain names work concurrently.Here are the advantages of this system:First,The detection process has little impact on user's normal network communication,which imporves the user experience.Second,The pressure of the detection has been distributed to the cloud server,which makes this system requests low performance dependency on the smart router.Third,with the power of cloud server,the smart router can tackle with the changeable and considerable phishings sites efficiently.The following is the main work of this paper:1.This paper has analysed the process and characteristics of phishing attacks,compared defensing methods of phishing attacks on different layers,and proposed the design scheme of network traffic monitoring and blocking system based on Smart Router.2.This paper has a through study on Netfilter framework,and developed corresponding hook functions to identify and block HTTP request and response packets.3.This paper has modified the source codes of Conntrack subsystem of Netfilter framework in kernel to extend a private data area which can be used to make a custom flag to a network connection.4.This paper has used the communication technology such as Netlink,Message Queue and UDP to establish a message bridge between kernel space and the cloud server,and finished the function of the detection job in the cloud server and the blocking job in the kernel space.5.This paper has deployed the network montoring and blocking system on the smart router which runs OpenWRT operating system,and finished the establishment of the system.6.This paper has designed a function testing experiment and a performance testing experiment.Based on analyzing the system's blocking log messages of one-time request and multi-time request,we can give a review to the function and performance of this system.The result shows this system can block a HTTP-based website which is in the blacklist of the cloud server efficiently and achieve a high blocking success rate. |
PDF Full Text Request