網路安全協定模擬器

Abstract

由於電腦及網路科技的發展，許多資料都可以數位化後儲存，然後在網路上方便地傳送，但是網路上有著許多的網路駭客在竊聽傳送資料，本論文以資料傳送的安全協定為研究對象，利用模擬安全協定的過程中，設計偵測各種安全漏洞的法則，以提升我們要在安全傳送資料的信心度。 本論文中，利用編譯器技術中的Scanner及Parser，將輸入的Protocol做分析，以及利用物件導向技術，將Check Rules 當作輸入，我們使用漏洞法則(pattern)的方法來分析安全協定，並且探討各個漏洞的特性，這幫助我們在偵測安全協定時有沒有發生漏洞。另外，從實驗的結果，我們知道，在安全檢測法則(pattern)的分析之後，我們認定若符合pattern的條件之下，很有可能產生pattern下所描述的Flaw，但若不符合pattern的條件的話，就一定不可能產生pattern下所描述的Flaw。因此本論文提出的安全協定模擬方法對偵測安全漏洞和增強安全性質都有很好的助力。

Since computer science and network are developed, many data can be digitized and stored in hard discs or compact discs. And it is convenient to transmit in the network. But there are a lot of network hackers who can steal the transmitting information in the network channel. This paper focus on network security protocol simulation. In the process of the simulation, we design all kinds of check rules about detecting security flaw. It can help us promote the confidence of transmitting data.

In our paper, we use the technology of compiler-- Scanner and Parser, and we have the analysis of the input network security protocol. We use the technology of object orient to take some check rules as input. We use the method of check pattern to help the analysis of the network security protocol. On the other hand, from the result of experiment, we can get some message. After the analysis of check pattern, if we confirm that it can match the condition of check pattern, it could have this kind of flaw. But if it doesn’t match to check pattern, it will not have this kind of flaw. Therefore, the method of security protocol simulator in our paper is helpful to detect the security problem and enhance the security property.