检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]上海交通大学电子信息与电气工程学院,上海200240
出 处:《信息安全与通信保密》2016年第8期95-100,共6页Information Security and Communications Privacy
摘 要:SOHO路由器作为现今家庭和中小型办公环境中普及度极高的网络接入设备,其安全性之重要不言而喻。加之目前国内外对网络设备,尤其是路由器的攻击越发流行,因此,本文对SOHO路由器脆弱性和相应攻击面的研究具有重要价值,是相关学术领域研究的大势所趋。主要研究分析和归纳总结了SOHO路由器脆弱性方面的相关技术和研究成果,包括远程侦测技术、漏洞利用技术和后门驻留技术等。首先是远程侦测技术,用来实现对路由器类型和版本的精准探测;其次是漏洞利用技术,用来获取路由器的管理权限甚至是系统权限;最后是后门驻留技术,用来在获取路由器权限的基础上实现长期的隐蔽控制。这里为今后在设计、改进SOHO路由器的安全防御技术和策略等方面提供基础支撑。As a network access facility, the SOHO router is highly popular in family and office today, so it' s security is of great im- portance. Nowadays cyber attack aiming at network equipment, especially SOHO touters, is gradually popular at home and abroad, so it is necessary to research on vulnerabilities and attacking methods, and also it is represents the general trend in the related research fields. This paper focuses on researching and concluding both the technologies and results about the SOHO router' s vulnerabilities, in- cluding remote detection technology, exploit technology, and resident backdoor technology. Firstly, the remote detection technology, which is used to accurately detect router' s type and version, is studied. Then, exploit technology is researched to get administrator privileges, even get the system authority. Finally, resident backdoor technology is is used as controlling the router covertly in a long- term based on getting the administrator privilege. This paper may provide basis SOHO router' s support in the both design and improve- ment of security techniques and strategy in the future.
关 键 词:SOHO路由器 远程侦测 漏洞利用 后门驻留 脆弱性分析
分 类 号:TN915.05[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.145
