Front. Inform. Technol. Electron. Eng.  2016, Vol. 17 Issue (10): 1044-1055    DOI: 10.1631/FITEE.1500382
    
Anonymous-address-resolution model
Guang-jia Song, Zhen-zhou Ji
School of Computer Science and Technology, Harbin Institute of Technology, Harbin 150001, China
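Summary: Objective: To address attacks caused by information leakage during address resolution, this work studies how to hide address information during the resolution process.
Innovation: This paper proposes a new resolution model that does not disclose the destination address of the address resolution and also hides the node's own IP and MAC addresses, achieving anonymous address resolution.
Method: First, following the anonymous-address-resolution process, the source node treats the destination address of the resolution (IPX) as a secret shared between itself and the target node, and can use IPX as a public key to encrypt the resolution destination address and its own address information before sending the resolution request. Second, only a specific node can recover the resolution request and send a reply. Third, the source node receives the resolution reply and verifies it; once verification passes, the address-resolution process is complete. Finally, anonymous address resolution is compared with secure neighbor discovery and several other typical schemes.
Conclusion: To counter the security threats facing address-resolution protocols, an anonymous-address-resolution process is proposed that achieves the goals of not disclosing the resolution destination address and hiding the node's own address information.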
Abstract: The address-resolution protocol (ARP) is an important data-link-layer protocol that aims to obtain the mapping between Internet Protocol (IP) and Media Access Control (MAC) addresses. Traditional ARPs (address-resolution and neighbor-discovery protocols) do not consider the existence of malicious nodes and reveal destination addresses in the resolution process. Thus, these traditional protocols allow malicious nodes to easily carry out attacks, such as man-in-the-middle and denial-of-service attacks. To overcome these weaknesses, we propose an anonymous-address-resolution (AS-AR) protocol. AS-AR does not publicize the destination address in the address-resolution process and hides the IP and MAC addresses of the source node. A malicious node cannot obtain the addresses of the destination or of the node that initiates the address resolution; thus, it cannot attack. Analyses and experiments show that AS-AR has a higher security level than existing security methods, such as secure-neighbor discovery.
Key words: Network security    Address resolution    Neighbor discovery    Anonymous
Received: 2015-11-03 Published: 2016-10-08
CLC:  TP393.1  

Cite this article:

Guang-jia Song, Zhen-zhou Ji. Anonymous-address-resolution model. Front. Inform. Technol. Electron. Eng., 2016, 17(10): 1044-1055.

Link to this article:

http://www.zjujournals.com/xueshu/fitee/CN/10.1631/FITEE.1500382        http://www.zjujournals.com/xueshu/fitee/CN/Y2016/V17/I10/1044
