摘要
Http-Tunnel是一种新兴的木马通讯技术。由于其隐蔽性很好,一般的入侵检测技术和防火墙难以对其进行有效的检测。文章介绍了如何利用进程监视来追踪非法进程的源头,以抵御Http-Tunnel。这种通过溯源来追踪网络流量中异常的新颖方法,取得了较好的实验效果。
Http-Tunnel is a new Trojan communication technology.Due to its efficient disguise,it is difficult for the conventional intrusion Detection Systems(IDS) and the firewalls to perform effective inspection.This paper explains how to trace the source of unauthorized process with process monitoring to defend Http-Tunnel.It is a new method of detecting abnormalities in the network flow,and has achieved a good result in the laboratory.
出处
《计算机工程与应用》
CSCD
北大核心
2006年第7期109-111,共3页
Computer Engineering and Applications
基金
国家自然科学基金资助项目(编号:60303026)
