English  |  正體中文  |  简体中文  |  Items with full text/Total items : 2737/2828
Visitors : 345759      Online Users : 92
RC Version 4.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Adv. Search

Please use this identifier to cite or link to this item: http://ir.lib.stu.edu.tw:80/ir/handle/310903100/1937

Title: 運用DNSSEC建置DNS Pharming防護機制之研究
The Study of Apply DNSSEC to building a Protection Mechanism for DNS Pharming
Authors: 張筱涵
Shiau-Han Jang
Contributors: 程毓明;鄭進興
Yuh-Ming Cheng;Jinn-Shing Cheng
Keywords: Phishing;Pharming;DNS Spoofing;DNSSEC
Phishing;Pharming;DNS Spoofing;DNSSEC
Date: 2007
Issue Date: 2011-05-26 11:06:59 (UTC+8)
Publisher: 高雄市:[樹德科技大學資訊管理研究所]
Abstract: DNS服務推展至今已超過二十年,所提供的服務是網域名稱(Domain Name)與網路位址(IP Address)的轉換。當DNS不能正常提供服務時,許多網路服務將受到影響。例如,當使用者欲連結網頁時,將無法獲得正常回應。然而,DNS服務讓使用者在使用網路時無法體會或察覺它的存在。網址嫁接(Pharming)攻擊是透過DNS快取污染或竄改hosts檔等方式將合法網路位址改成惡意的網路位址,這將造成使用者在無察覺的情況下被導引至惡意的偽造網站,若您在網路上使用金融交易服務,可能導致財務損失或個人敏感性資訊的洩露。SANS安全組織於2005年3月發佈的警訊:「駭客對ISP層級的DNS伺服器做快取污染以便對"".com""網站有請求的連線轉送至另一個偽造的DNS伺服器,有超過900個網路位址與75000封Email信息被重新導向」。因此,Pharming攻擊的防護是相當重要的網路安全議題。本研究根據DNSSEC機制,發展一套DNS Pharming防護機制與系統,以期能協助DNS管理者確保DNS伺服器的轄區資料的正確性,同時讓一般使用者能自動驗證發送的DNS Query所回應的資源記錄是否具有完整性與可驗證性。以降低因DNS Pharming攻擊發生而造成嚴重的資安事件,同時有效增進網際網路應用服務之安全性。
It has been more than twenty years since DNS service developed and DNS provides the transformation of domain names and IP addresses. If DNS server doesn’t work regularly, a lot of internet behaviors would be influenced. For instance, it can not gain to normal response if user want to link the web sites. And then, let the users forget or ignore the existence of DNS service. Pharming attack would alter lawful website to malicious sites through poison cache that would falsify host file and the users would be led to malicious sites unconsciously. If you make a transaction on the internet, that might result in the loss of money or personal information. In March 2005, SANS security organization issued a warning about attackers use cache poison to several ISP-level DNS servers so that request for “.com” sites were directed to fabricate DNS servers, and had more than 900 Internet addresses and more than 75000 email messages were redirected. Therefore, protect of pharming attacks is more important network security purpose. This research based on DNSSEC mechanism develops a System of Anti-Pharming Attacks using DNSSEC mechanism, in order to ensure that it can assistant the administrators keep the zone data accurately which the area is under the DNS server’s control. Also it can automatic verify if the resources record of DNS Query from users fit in with integrity and authentication. The act of information security event caused by Pharming attack will be lowered as well as increase the security of internet applications.
Appears in Collections:[資訊管理系(所)] 博碩士論文

Files in This Item:

File Description SizeFormat
運用DNSSEC建置DNS Pharming防護機制之研究__臺灣博碩士論文知識加值系統.htm國圖110KbHTML606View/Open

All items in STUAIR are protected by copyright, with all rights reserved.





2. 本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本校護人員(clairhsu@stu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback