摘要: 针对现有网络隐蔽通道在流量隐藏和代理穿透方面的不足,提出一种基于浏览器帮助对象(BHO)构建网络隐蔽通道的方法。BHO自身的“合法性”和“寄生性”不仅为躲避杀毒软件和防火墙提供天然屏障,而且能为流量隐藏和代理穿透提供有利条件。该文给出详细方案设计和代码框架,通过测试验证该隐蔽通道的有效性。针对其可能带来的危害,提出防御建议。
关键词:
网络隐蔽通道,
浏览器帮助对象,
流量隐藏,
代理穿透,
网络安全
Abstract: To alleviate the weakness of existed network covert channels in traffic concealing and proxy penetration, a new method of constructing covert channel based on BHO is proposed. The method using Internet space such as webmail, blog or bbs to transfer information. The legality and parasitic ness of BHO provides protection against anti-virus software and firewall, and make it easy to conceal traffic and penetate proxy. Detail design and code framework are given, tests are done to validate the network covert channel. Some advice are given to protect against this kind of network covert channel.
Key words:
network covert channel,
Browser Helper Object(BHO),
traffic concealing,
proxy penetration,
network security
中图分类号:
王 娟;郭永冲;王 强. 基于BHO的网络隐蔽通道研究[J]. 计算机工程, 2009, 35(5): 159-161,.
WANG Juan; GUO Yong-chong; WANG Qiang. Research of Network Covert Channel Based on BHO[J]. Computer Engineering, 2009, 35(5): 159-161,.