摘要
僵尸网络作为网络犯罪活动的平台,正朝着P2P等分布式结构发展.研究僵尸网络的发展方向以及构建技术,有助于我们全面地了解僵尸网络活动的特点,从而更好地开展僵尸网络的检测和防范研究.本文分析了攻击者的需求,提出了一种基于层次化P2P网络技术的新型僵尸网络结构,并对这种僵尸网络的可行性和具体的传播、通讯、控制等各个方面进行了深入分析和探讨.在此基础上,我们通过模拟实验对各种防御策略的有效性进行了分析和评估,实验数据表明,在考虑实际可操作性条件下,现有的防御策略难以有效摧毁P2P结构僵尸网络.最后,我们讨论了这种新型僵尸网络可能的防御方法.
As a cyber crime platform, botnet is one of the biggest network security threats. Researching the evolvement of botnets, as well as possible botnets construction methods,can improve us in-depth understanding of details of botuets, and also guide us in the botnets defense research. In this paper, we proposed a P2P-based super botnet structure, analyzed the feasibility and dis- cussed all aspects of this new type bomet. Secondly, we evaluated effectiveness of various botnets defense strategies,our simulation results show that, when taking the actual operational conditions into account, it is difficult to completely destroy P2P-based botnets. Finally, we discussed some guidelines for defending against such new bomets.
出处
《电子学报》
EI
CAS
CSCD
北大核心
2009年第1期31-37,共7页
Acta Electronica Sinica
基金
国家863高技术研究发展计划(No.2006AA01Z412
2007AA01Z451)
国家自然科学基金(No.60703076)
