期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于传播特性的蠕虫检测方法

A Worm Detection Method based on Propagation Characteristics
下载PDF
导出
摘要 随着计算机网络技术的飞速发展,网络蠕虫攻击成为目前影响网络安全的一个重要问题。实时监视网络蠕虫攻击,特别是在蠕虫传播早期检测到蠕虫,以采取相应的防御措施,减少蠕虫传播和攻击造成的损失变得尤为重要。通过分析网络蠕虫在传播过程中具有扩散性、链型以及传输数据相似等特征,提出了一种基于蠕虫传播特征的检测方法。实验结果表明:该检测方法在一定程度上降低了蠕虫检测的漏报率和错误率,对未知蠕虫具有较好的检测能力。 With the rapid development of Internet,network worm attacks has became the main threat to network security at present.It is necessary to monitor the worm attacks,especially in the early stage of worm propagation,and take measures of reducing the loss caused by worm attacks.A method based on Propagation Characteristics for worm detection is put forward,through analyzing the worm characteristics of diffusing,the chain linking pattern and similarity of propagation data.The experimental results show that the method has advantages in decreasing the rate of omitting and mistakes,and detecting unknown worms to some degree.
作者 卢宁 尚敏
机构地区 广东科学技术职业学院计算机工程技术学院
出处 《电脑开发与应用》 2010年第7期11-13,共3页 Computer Development & Applications
基金 广东省自然科学基金资助项目(04010589)
关键词 网络攻击 蠕虫 入侵检测 传播模型 network attack worm invade detection propagation model
分类号 TP274.5 [自动化与计算机技术—检测技术与自动化装置]
  • 相关文献

参考文献3

二级参考文献24

  • 1[1]Curry D,Debar H.Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language(XML) Document Type Definition.
  • 2Lemos R.Fast-Spreading code is weapon of choice for net vandals.2001.http://news.com.com/Year+of+the+Worm/2009-1001_3-254061.html?tag=st.rn#
  • 3CERT.CERT coordination center 2003 annual report.2003.http://www.cert.org/annual_rpts/cert_rpt_03.html
  • 4NCNIPC.Network security analysis report of national computer network intrusion protection center.2004 (in Chinese).http://www.cert.org.cn/articles/statistic/common/2004060321713.shtml
  • 5Moore D,Paxson V,Savage S,Shannon C,Staniford S,Weaver N.Inside the slammer worm.IEEE Security & Privacy,2003,1(4):33-39.
  • 6Staniford S,Moore D,Paxson V,Weaver N.The top speed of flash worms.In:Paxson V,ed.Proc.of the 2004 ACM Workshop on Rapid Malcode.Washington:ACM Press,2004.33-42.
  • 7Zou CC,Gao L,Gong W,Towsley D.Monitoring and early warning for Internet worms.In:Jajodia S,ed.Proc.of the 10th ACM Conf.on Computer and Communication Security.Washington:ACM Press,2003.190-199.
  • 8Berk V,Bakos G,Morris R.Designing a framework for active worm detection on global networks.In:Cole JL,Wolthusen SD,eds.Proc.of the IEEE Int'l Workshop on Information Assurance.Darmstadt:IEEE Computer Society,2003.13-23.
  • 9Berk VH,Gray RS,Bakos G.Using sensor networks and data fusion for early detection of active worms.In:Carapezza EM,eds.Proc.of the SPIE,Vol 5071.Orlando:SPIE,2003.92-104.
  • 10Wu J,Vangala S,Gao L,Kwiat K.An effective architecture and algorithm for detecting worms with various scan techniques.In:Neuman C,ed.Proc.of the Symp.on Network and Distributed Systems Security (NDSS 2004).San Diego:Internet Society,2004.143-156.

共引文献25

电脑开发与应用
2010年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部