計(jì)算機(jī)專業(yè)畢業(yè)外文翻譯1

1、<p><b>　　畢業(yè)設(shè)計(jì)（論文）</b></p><p><b>　　論文翻譯</b></p><p>　　摘要：本文擬在提出一種可以區(qū)分protocol指紋識(shí)別的方法，用幀描述指紋識(shí)別代替建立幀系統(tǒng)獲得主機(jī)信息與系統(tǒng)配對(duì)從而分辨出主機(jī)操作系統(tǒng)的類別。實(shí)驗(yàn)的結(jié)果表明這種方法能夠有效的辨別操作系統(tǒng)，這一方法比其他例如nmap 和 xp

2、robe的系統(tǒng)更為隱秘。</p><p>　　關(guān)鍵詞：傳輸控制）協(xié)議/ 協(xié)議 指紋識(shí)別 操作系統(tǒng)</p><p>　　辨別遠(yuǎn)程主機(jī)的操作系統(tǒng)，這是一個(gè)很重要的領(lǐng)域。了解主機(jī)操作系統(tǒng)可以分析和獲取一些信息，例如記憶管理，CPU的類型。這些信息對(duì)于計(jì)算機(jī)網(wǎng)絡(luò)的攻擊與防御非常重要。</p><p>　　主要的辨別是通過TCP/IP指紋識(shí)別來完成的。幾乎所有的操作系統(tǒng)的定制

3、他們自己的協(xié)議棧都通過以下的RFC。這種情況導(dǎo)致一個(gè)實(shí)例，每個(gè)協(xié)議棧會(huì)有細(xì)節(jié)上的不同。這些不同的細(xì)節(jié)就是所知道的使辨別操作系統(tǒng)稱為可能的指紋識(shí)別。</p><p>　　Nmap、Queso在傳輸層里使用指紋。他們將特殊數(shù)據(jù)包發(fā)送到目標(biāo)并分析返回的數(shù)據(jù)包，在指紋庫(kù)中尋找配對(duì)的指紋，以便得到的結(jié)果。指紋庫(kù)中的信息受指定的探測(cè)信息的影響.很難區(qū)分類似的操作系統(tǒng)（例如：windows98/2000/xp）</p&g

4、t;<p>　　Xprobe主要是利用ICMP協(xié)議，這是利用五種包來識(shí)別操作系統(tǒng)。它能夠提供的在所有可能的情況下確實(shí)是操作系統(tǒng)的概率。主要不足是它過分依賴ICMP協(xié)議議定書。</p><p>　　SYNSCAN是在應(yīng)用協(xié)議中與目標(biāo)主機(jī)聯(lián)系時(shí)，使用的一些典型的指紋識(shí)別方法。指紋庫(kù)對(duì)在這個(gè)領(lǐng)域有限制。</p><p>　　Ring， Ttbit查明操作系統(tǒng)所使用TCP / IP

5、的性能特點(diǎn)。因?yàn)檫@種性能受網(wǎng)絡(luò)環(huán)境極大。其結(jié)果往往是不完全確定的。</p><p>　　文獻(xiàn)分析資料中的行動(dòng)而獲得的攔截（如一些同步的要求，一個(gè)封閉的端口如何響應(yīng)連接請(qǐng)求） 。雖然這種方式是有效，它在少數(shù)特定操作系統(tǒng)區(qū)分</p><p>　　上述的各種系統(tǒng)，都沒有完整的描述指紋系統(tǒng)，引起他們進(jìn)行分辨的主要是依靠部分的TCP/IP。這篇文章的目的就是要簡(jiǎn)紹一種新的方法來解決這些問題。<

6、/p><p>　　它們都被嚇跑的方式來描述指紋的OS integrallty ，造成訴訟程序的確定只能依靠部分TCP / IP協(xié)議。本文提出了一種新的方法來解決這一問題：它是指紋操作系統(tǒng)，是通過利用科技來獲取一些信息，獲取的信息的一些技術(shù)，查明操作系統(tǒng)。</p><p>　　第二章我們提出一些基本的方法的概念，第三章 用幀技術(shù)來提出描述和匹配協(xié)定指紋，第四章，是完成這種方法的算法，第五部分，利

7、用實(shí)驗(yàn)來驗(yàn)證他的有效有效性并分析結(jié)果最后第六部分是總結(jié)全文，及未來的發(fā)展方向。</p><p>　　該程序是為了獲取信息，提取指紋和匹配的指紋庫(kù)里的記錄，以便知道類型。本節(jié)確定獲取信息的方法，采取的做法和通信的狀況，還區(qū)分指紋。這些工作為下一節(jié)如何建立一個(gè)幀系統(tǒng)來識(shí)別指紋做好準(zhǔn)備</p><p>　　要插入“表”或“數(shù)字” ，請(qǐng)粘貼下文所述數(shù)據(jù)。所有表格和數(shù)字必須使用連續(xù)數(shù)字（ 1 ， 2

8、 ， 3等） ，并有一個(gè)標(biāo)題放在下面的數(shù)字（ “ FigCaption ” ）或在表的上面（ “ FigTalbe ” ）用8pt字體和從風(fēng)格蘭中下拉菜單中的類別中選擇指定的樣式“標(biāo)題”。</p><p>　　在本文中，我們提出了一個(gè)方法，以確定操作系統(tǒng)的遠(yuǎn)程主機(jī)。該方法使用幀技術(shù)來識(shí)別指紋，彌補(bǔ)探針和監(jiān)控獲得的信息和從資料中摘取信息來與指紋庫(kù)中的匹配，最后識(shí)別操作系統(tǒng)。通過實(shí)驗(yàn)，該方法與nmap and xpr

9、obe. 相比，能準(zhǔn)確識(shí)別遠(yuǎn)程的主機(jī)的操作系統(tǒng)。</p><p>　　在未來，我們計(jì)劃為每個(gè)種操作系統(tǒng)匯編更多的指紋，使算法（規(guī)則系統(tǒng)）將更加智能化，以提高識(shí)別的精度（準(zhǔn)確性）。</p><p>　　This paper present a method that classify the fingerprint of protocol（電腦之間通信與資料傳送所遵守的規(guī)則）, use th

10、e frame to describe the fingerprint in order to create the frame system, get the information of host（主機(jī)） to match the system to identify the type of OS in remote host. Result from experimental（實(shí)驗(yàn)性的）appears that this meth

11、od can identify the OS effectively, the action of is more secretly than other systems such as nmap and xprobe （x-probe：X探針）.</p><p>　　Key words: TCP/IP Fingerprint OS</p><p>　　It is an important

12、 field that identify what OS in remote host. Mastering the OS can analyse and acquire some information such as memory management、the kind of CPU. These information is important for computer network attack and computer ne

13、twork defense.</p><p>　　The main way to identify is through the TCP/IP fingerprint to finish. Nearly all kind of OS customize（定制） their own’s protocol stack by following the RFC. This instance cause the fact

14、 that every protocol stack has some different details during implementing. These details are known as fingerprint which make it possible to identify the OS .</p><p>　　Nmap、Queso[1] use the fingerprint in tra

15、nsport layer. They send the particular packets to the target and analyse the retured packets, matching the fingerprint in the fingerprint warehouse in order to get the result. The information in the warehouse is affected

16、 by the specified message for probing. It hardly to distinguish the similar OS (eg.windows98/2000/xp).</p><p>　　Xprobe[2] mainly use the ICMP which make use of five kinds of packets in ICMP to identify OS. I

17、t can give the probability of all possible situation which maybe the indeed OS. The main shortage is it excessively depend on ICMP Protocol.</p><p>　　SYNSCAN[3] use some typical fields’ fingerprint to identi

18、fy when it communicaties with target host in application protocol. The warehouse of fingerprint have limited types of field. </p><p>　　Ring 、Ttbit[5][6] identify the OS using the performance character of TCP

19、/IP. Because this kind of character is affected by network environment greatly. The result is often not exactly.</p><p>　　Literature[7] analysis the action in messages which are acquired through interception

20、(eg. The number of SYN request, a closed port how to response a connection request).Although this way is availability, it only distinguish a few given OS</p><p>　　Above all the kinds of system, they all be s

21、care of a way to describe the fingerprint of OS integrallty, which cause the proceeding of identify only depend on a part of TCP/IP . This paper propose a new method to resolve the problem: it uniformly the fingerprint o

22、f OS, acquire the message by some technology, identify the OS at last. </p><p>　　The rest of the paper is organized as followed: Section Ⅱ we present based concept of this method. Section Ⅲ present how to de

23、scribe and match the protocol fingerprint using frame technology. Section Ⅳ present an algorithm to implement the method and Section Ⅴ use experiment to validate its effectiveness and analysis the result. Finally Section

24、 Ⅵ present the concluding remark and possible future work.</p><p>　　The proceeding of identify is to acquire message, extract the fingerprint and match the record of fingerprint warehouse, in order to know t

25、he type. This section define the measure which are to acquire message, the action and status of communication, also classify the fingerprint. These work are all prepared for the next section which how to built a frame sy

26、stem describing the fingerprint.</p><p>　　To insert “Tables” or “Figures”, please paste the data as stated below. All tables and figures must be given sequential numbers (1, 2, 3, etc.) and have a caption pl

27、aced below the figure (“FigCaption”) or above the table(“FigTalbe”) being described, using 8pt font and please make use of the specified style “caption” from the drop-down menu of style categories</p><p>　　C

28、onclusion</p><p>　　In this paper, we have presented a method for identifying OS of remote host. The method use frame technology to express the fingerprint, make up of Probe and Monitor to get message and abs

29、tract the information from the message to match the warehouse of fingerprint, identify the OS at last. Through experiment, this method can exactly identify the OS of remote hose with more secretly and less number of pack

30、ets comparing with nmap and xprobe. </p><p>　　In the future, we plan to collect more fingerprint for each kind of OS, make the algorithm(規(guī)則系統(tǒng)) to be more intelligent, in order to improve the precision(準(zhǔn)確性) o