Simulation and Evaluation of an Improved Worm Detection and Containment Algorithm (cited by: 1)

Simulation and Evaluation of a New Algorithm of Worm Detection and Containment
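Abstract: By analyzing and comparing several current worm detection and containment strategies, this paper proposes an improved two-round worm detection and containment algorithm and demonstrates its effectiveness in detecting and containing both fast and slow worms. It also takes into account the effect of normal network behavior on the algorithm, which greatly reduces the algorithm's false alarm rate. Finally, simulation experiments analyze the algorithm's worm detection performance against a normal network background and a congested network background, showing that the strategy detects and contains worms efficiently while keeping false alarms low.

Based on the comparison and analysis of many worm containment strategies, a new and effective strategy of worm dynamic defense and containment, named IWDC, is proposed in this paper. Its effectiveness for containing top-speed scan worms and slow-speed scan worms is demonstrated. The impact of normal network traffic on the containment strategy is also analyzed, so that it largely brings down false positives. The simulation results verify that the improved two-rotation quarantine algorithm can contain worms effectively and create lower false alarms.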
Source: 《微计算机信息》 (Control & Automation), Peking University Core journal, 2008, Issue 16, pp. 224-226, 235 (4 pages in total)
Keywords: worm containment; worm detection; failed connection (false connection); false alarm rate (false alarms)
