Abstract
As network applications grow in number and complexity, network worms have become a major threat to the security of networked systems. Recently, worms have taken a new turn with the emergence of polymorphic worms, which use a variety of metamorphic techniques to evade detection by existing intrusion detection systems (IDSes) with ease, making them a serious future danger to Internet security. At present, detection techniques for polymorphic worms have become a focus of worm research. The structure of polymorphic worms is first presented; the techniques proposed in recent years for countering polymorphic worms are then summarized and compared; and finally, open problems and research trends in the study of polymorphic network worms are given.
Source
《计算机科学与探索》
CSCD
2008, Issue 2, pp. 131-138 (8 pages in total)
Journal of Frontiers of Computer Science and Technology
Funding
National Natural Science Foundation of China, No. 60373026
Keywords
polymorphic worm
content-sifting
behavior-based detection
semantic analysis