检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:马宏茹 李硕 MA Hongru;LI Shuo(School of Information,Dalian Jiaotong University,Dalian Liaoning 116028,China)
出 处:《信息与电脑》2021年第23期214-218,共5页Information & Computer
摘 要:安全套接层(Secure Socket Layer,SSL)位于网络模型的网络层和传输层,是Web浏览器与Web服务器之间安全交换信息的重要协议,用于提供基本的安全服务。地址解析协议(Address Resolution Protocol,ARP)攻击和网络钓鱼是对SSL的主要攻击。ARP攻击是诸如拒绝服务(Denial of Servic,DOS)和中间人攻击(Man-in-the-Middle Attack,MITM)等精确局域网攻击的主要方式。ARP的弱点会直接影响网络的安全标准,特别是以太网。攻击者可以在客户端与服务器通信信道上充当"中间人",用户很难知道它们是否链接到了原始的安全链接或者是否是准确且安全的交换信息。笔者针对ARP网络攻击与防御进行简要分析,并列举目前抵御ARP攻击的方法及其缺点,并提出相应的防御方法。实验结果表明,本文提出的方法可以克服ARP的弱点,能够有效抵御ARP网络攻击。SSL is located in the network layer and transport layer of the network model. It is an important protocol for the secure exchange of information between web browsers and web servers, and is used to provide basic security services. Address Resolution Protocol(ARP) attacks and phishing are the main attacks on SSL. ARP attacks are the main methods of precision LAN attacks such as denial of service(DOS) and man in the middle(MITM). The weakness of ARP directly affects network security standards, especially Ethernet. Attackers can act as a middleman on the client/server communication channel, and it is difficult for users to know whether they are connected to the original secure link or whether they are exchanging information accurately and securely. This article briefly analyzes ARP network attacks and defenses, lists the current methods of defending against ARP attacks and their shortcomings, and gives the corresponding defense methods proposed in this article. The experimental results reflect that the methods proposed in this article can overcome ARP weaknesses and effectively resist ARP network attacks.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.147.72.31
