摘要
目前已有一些全球化的网络蠕虫监测方法,但这些方法并不能很好地适用于局域网.为此,文中提出一种使用本地网协同检测蠕虫的方法,该方法注重分析扫描蠕虫在本地网的行为,通过这些方法给出预警信息,以揭示蠕虫在本地网络中的活动情况。并针对不同的行为特性使用不同的处理方法.结果表明,该方法可以准确、快速地检测出入侵本地网络的扫描蠕虫。
There are several global detection methods, but they are not applicable to LANs. A new cooperative approach to automatic worms detection by using LANs is proposed in this paper, which focuses on scanning worm characteristics in LANs and uses different methods to cope with different worm behaviors, The results show that this approach is promising in quickly finding worm intrusion in LANs and in extracting unknown worm signatures for prevention of more worm threats.
出处
《通信技术》
2009年第11期113-115,共3页
Communications Technology
关键词
网络蠕虫
网络攻击
入侵检测
Internet worm
network attack
intrusion detection
