
P2P Botnet Detecting Model Based on Behavior Similarity (cited by: 2)
Abstract: P2P botnets pose a serious threat to Internet security. Building on host-based P2P traffic detection and malicious behavior detection, a detection model for P2P botnets is proposed. A structured P2P network composed of monitoring nodes is built on the Chord protocol, and information about hosts that show both P2P traffic and malicious behavior is reported to the monitoring nodes. By fusing and analyzing the behavior of P2P bot hosts, hosts with similar malicious behavior are considered to belong to the same P2P botnet.

Source: Modern Electronics Technique (《现代电子技术》), 2010, No. 15, pp. 132-135 (4 pages)

Keywords: P2P; botnet; network security; Chord protocol

