【作者】 彭云鹏；

【导师】 吴中福；

【作者基本信息】 重庆大学 ， 计算机系统结构， 2005， 硕士

【摘要】 入侵跟踪是计算机网络安全领域的一个重要技术,其目的是跟踪攻击的真正来源,为报警提供精确的信息,以及事后的犯罪举证和修补网络系统安全漏洞提供可靠依据。现实网络中“黑客”一般采用先攻陷一些安全性能较薄弱的机器,然后以这些机器为“跳板”对最终目标发动攻击的方式。对于这种攻击方式需要一种可靠且又能够在网络上广泛部署的一个跟踪框架。这就正是本文所要解决的问题。Jini 是Sun 公司1999 年提出的一种新的分布式计算模型。本文将Jini 的这种分布式计算模型应用到入侵跟踪系统中来,使得整个跟踪系统具有可扩展性,可伸缩型,自适应性,使得该系统可以很容易地与现有系统兼容并容易在Internet上大规模的部署。本文第一章先介绍了网络安全的基本概念和入侵跟踪的必要性,第二章介绍了当前入侵跟踪的技术,着重介绍了协同的入侵响应框架CITRA,第三章参照CITRA 提出了基于Jini 的入侵跟踪系统框架,对框架的可扩展性,可伸缩性以及自适应性进行了论述,并在第四章中进行了仿真试验,取得了很好的效果。更多还原

【Abstract】 Intrusion traceback is an important technology in network security aspect,,which is aiming at tracing the real source of attacking, providing precise information for alarm and supplying reliable proof for post-crime testification and improving network system’s security. In actual network a common attacking means are always adopted by hackers, which will firstly break into some weaker hosts, then attack the terminal objects making the weaker ones as “springboard”. An reliable and universal tracing framework useful in network is required for resolving this attacking means. Jini is a new distributed system model which is put forword buy Sun company in 1999. In this article Jini was applied in the traceback system. It make the traceback system to be expandable, extensible and self-adaptability. All this make the traceback system is compatible with present exist traceback systems and can be easily deployed broadly in the Internet. The basic conception of network security and necessity of traceback are introduced in the first chapter. Present traceback technology is described in the second chapter, which emphatically introduces CITRA. According to CITRA, an intrusion traceback framework based on Jini is put forward, whose expandability, extensibility and self-adaptability are discussed. In the fourth chapter simulation experiment is practised . which get excellent result.更多还原