JOURNAL OF HUBEI NORMAL UNIVERSITY (NATURAL SCIENCE)
2015, Issue 2, pp. 6-13, 32 (9 pages in total)
Authors: Dong Benqing (董本清); Zhang Yong (张永); Xu Binxin (徐斌昕)
Keywords: authentication; replay attack; identical-source replay attack
Abstract: It is very common for users to access the Internet from an internal network in the "inner IP + NAT" way. However, the "inner IP + NAT" way may help malicious users attack web servers by replaying as a legal user, so identical-source replay attacks occur easily in such internal networks. A protection scheme against identical-source replay attacks, based on session identification, is proposed by introducing the concept of Session Fingerprinting. The scheme uses the session fingerprint to identify changes in the session and, when appropriate, requires the user to enter the original authentication information, such as username and password, to authenticate, thereby thwarting replay attacks. Prototype implementation and theoretical analysis both show that the proposed scheme is effective against identical-source replay attacks.