《软件工程硕士论文-无线局域网取证关键技术的研究》由会员分享,可在线阅读,更多相关《软件工程硕士论文-无线局域网取证关键技术的研究(70页珍藏版)》请在金锄头文库上搜索。
1、密级: 工程硕士专业学位论文(设计)题目: 无线局域网取证关键技术的研究 作者: 完成时间: 2010 年 9 月 1 日 培养单位: 四 川 大 学 指导教师: 指导教师: 工程领域: 软 件 工 程 授予学位日期: 2010 年 月 日i无线局域网取证关键技术的研究工程领域:软件工程研究生 指导老师 无线局域网以其接入的灵活性与组网的方便性等特点,呈现快速发展的趋势。与此同时,无线局域网的安全机制相对有限网络却是脆弱的,无线局域网将成为下一代黑客攻击的主要对象,因此对无线局域网的取证研究就极为迫切。无线局域网取证主要涉及三方面的问题,一是获取特定频段的网络数据包;二是在收集数据包有限的情况
2、下高速破解获取明文数据;三是根据网络协议将单个网络数据包恢复为应用明文。此外,如何设计数据库以存贮网络取证结果和展示取证结果视图也是必须的环节。论文主要研究了无线网络取证中的解决上述主要问题的方法和技术。首先,论文研究了无线局域网取证的相关技术基础,包括无线局域网相关协议、无线信号测控技术以及计算机取证技术等。其次,论文重点研究了用于无线局域网中广泛被使用的两种无线路由加密方式:WEP 和 WPA。通过分析指出了 WEP 加密机制的各种漏洞并引出了 WPA 加解密机制,分析了 WPA 安全协议中存在的安全漏洞以及针对它们的各种攻击方式,并设计完成了 WEP 和 WPA 破解原型系统。 然后,根
3、据破解得到的单个明文数据包,根据应用层协议、TCP/IP 协议,设计了应用层数据恢复流程,完成了原型系统并给出了测试结果。最后,论文给出了无线局域网取证原型系统设计,包括系统用户视图、部署视图等,在无线局域网 WLAN 的实验环境,使用上述的方法,实现了原型系统,完成了对计算机的取证及分析,研究结果对计算机取证应用有重要的实践指导意义。关键词:无线局域网;WLAN 取证;WEP ;WPA;Wincap 四川大学工程硕士学位论文 无线局域网取证关键技术的研究iiA research on the key technique of WLAN ForensicsField: Software Eng
4、ineeringGraduate Student: Advisors: The flexibility of accessing WLAN and the convenience of organizing network have indicated the trend of sharp development of WLAN. Meanwhile, as a weak safety mechanism which is confined to a limited network, WLAN would be the main target of hackers in next genera
5、tion, therefore a research on WLAN forensics seems to be extremely urgent.The WLAN forensics refers to the following key techniques: 1. How to obtain data cell in specified frequency. 2. How to draw out clarified data by rapidly dispelling the finite data cell. 3. How to change individual data cell
6、into clarified ones according to the network protocol. Besides, designing the related data base for storing and illustrating forensics is drawn out to be another critical concern. The paper focuses on the research on the above mentioned pivotal questions about WLAN forensics.To be more specific, the
7、 technical foundation of WLAN forensics has been analyzed including WLAN-related protocols, techniques of the measures, monitoring of wireless signal and cyber-forensics.Additionally, the text has also highlights the researches into two chief encryption modes for WLAN, which are titled as WEP and WP
8、A. Many bugs in the WEP have been revealed from the analysis, and from which the WPA has been derived. In doing so, the bug in WPA safety protocol and the possible relevant attack has been evaluated in addition to the accomplishment of designing the prototype-dispelling system within WEP and WPA.Mor
9、eover, the research has designed the recovering process of application layer data according to application layer protocol, TCP/IP and individual clarified data cell, finished the prototype-dispelling system and indicated the testing result.Finally, the text has offered the designation of WLAN protot
10、ype system, including system user view and deployment view, it finished the cyber-forensics and analysis by using the above methods in WLAN experimental environment thereby forming a final applicable prototype system for illustration, and it has realizable significance for cyber-forensics.Keywords: Wireless LAN; WLAN forensics; WEP; WPA; Cracking; Wincap; 802.11四川大学工程硕士学位论文 无线局域网取证关键技术的研究i目 录1 概 述 11.1 WLAN 无线网络安全 11.2 WLAN 取证技术 11.2.1 研究背景 11.2.2 WLAN 取证技术 21.3 无线信号测控技术 21.4 论文结构 22 WLAN 取证相关技术 42.1 WLAN 无线安全机制 42.2 无线破解技术 52.3 计算机取证技术 52.4 QT 技术
