Research on Distributed Worm Detection and Containment Methods (cited by: 12)

Approach to early detection and defense against internet worms
Abstract: A distributed worm defense mechanism is proposed. Its main task is to detect worm attacks quickly and respond so as to constrain their propagation. The mechanism is composed of two parts: a central data processing centre (DPC) and sensors distributed across the gateways. The DPC receives the detection results of each distributed sensor and computes the number of infected computers. The distributed sensors monitor network behavior and detect whether a worm is present. Once a worm is detected, a sensor starts an adaptive packet-dropping mechanism, according to the current state of the worm outbreak, so that worm propagation is constrained and interference with normal network activity is kept as small as possible. The experimental results prove the robustness and efficiency of the proposed defense mechanism: it effectively contains worm propagation and protects the operation of the network.
Source: Journal on Communications (《通信学报》), indexed in EI, CSCD and the Peking University Core Journals list, 2007, Issue 2, pp. 9-16, 22 (9 pages in total)
Funding: National Natural Science Foundation of China (60403033)
Keywords: worm detection; network monitoring; adaptive constrain; connection degree