期刊文献+

基于良性益虫的对等网络蠕虫防御技术 被引量:2

Anti-worm Based Defensive Scheme for P2P Worm
下载PDF
导出
摘要 对等网络蠕虫利用对等网络的固有特征(如本地路由表、应用层路由等),不仅复制快,而且提供了更好的隐蔽性和传播性,因而其危害大,防御困难。从分析互联网蠕虫及其传播机制入手,对对等网络上的蠕虫(即P2P蠕虫)及其特殊性进行了综合分析。在此基础之上,提出了基于良性益虫的被动激活主动传播防御策略(PAIFDP),并对该策略的技术原理和响应防御系统的功能模块等进行了详细设计。以Peersim仿真平台为基础,对各种不同网络参数下的防御效果和资源消耗情况进行了实验分析。结果表明,基于良性益虫的P2P蠕虫防御技术具有收敛时间快、网络资源消耗少、适应性强等特点。 P2P worms employ the distinctive features of P2P network,such as the local routing table,application routing mechanism and so on,to quickly distribute them into the network while holding the covert characteristic.Contrarily,the common internet worms generally rely on detecting the victims' IP address to spread.Therefore,the lack of hidden feature and feasible promulgating paths make that it is easier to detect and defense the ordinary internet worms than P2P worms.Consequently,the P2P worm can do more damage to the network if lacking the effective defensive scheme.In this paper,the P2P worm,especially its transmission mechanism was analyzed synthetically.Then,an anti-worm based scheme for the defensive of P2P worm was presented.The principle and functional modules of this new scheme were addressed as well.By using the Peersim P2P simulator,the performance of our novel scheme was evaluated experimentally in various system parameters.The primary experimental results indicated that our anti-worm based defensive scheme for P2P worm has the features of fast convergence,low overload of networking resource(including communication traffic and computing power),and high adaptability.
出处 《计算机科学》 CSCD 北大核心 2011年第3期57-64,79,共9页 Computer Science
基金 自然科学基金(60973119) 教育部博士点基金(新教师基金)(20070614035)资助
关键词 蠕虫 对等网络蠕虫 对等网络 良性益虫 防御策略 Worm P2P worm P2P network Anti-worm Defensive policy
  • 相关文献

参考文献25

  • 1Kizenzle D M, Elder M C. Recent worms: A survey and trends [C]//Staniford S, ed. Proc. of the ACM CSS Workshop on Rapid Malcode(WORM2003). Washington, 200a.
  • 2Weaver N, Paxson V. Stuart Staniford Robert Cunningharn. A Taxonomy of Computer Worms [C] ff Staniford S, ed. Proe. of the ACM CSS Workshop on Rapid Maleode (WORM2003). Washington, 2003.
  • 3CERT. CERT Advisory CA-2001-26 Nimda Worm [OL]. http://www, cert. org/advisories/ca-2001-26, html.
  • 4Mihai Moldovanu. Ramen Worm Analysis [OL]. http://tfm. profm, ro/index, html,2005.8. 5.
  • 5Moore D, Paxson V, Savage S, et al. Slammer Worm Dissection: Inside the Slammer Worm[J]. IEEE Seurity &Privacy, 2003,1 (4).
  • 6Kumar A,Paxson V,Weaver N. An Analysis of the Witty Outbreak : Exploiting Underlying Structure for Detailed Reconstruction of an Internet-seale Event [C]//Proc. of the ACM CSS Workshop on Rapid Malcode(WORM2005). Washington, 2005.
  • 7郑辉.Santy蠕虫分析报告[R].中国教育和科研计算机网紧急响应组,2004.
  • 8Symantec Inc, VBS. Gnutella[OL]. http://securityresponse, symantec, com/avcenter/venc/data/vbs, gnutella, html.
  • 9Symantec Inc,W32. HLLW. Fizzer@mm[OL]. http://security response, symantec, com/aveenter/venc/data/w32, hllw. fizzer @mm. html.
  • 10KaZaA[OL]. http://www, kazaa, corn.

二级参考文献7

  • 1Dan Lamar Woodham Jr. ,Search Engine Hackers. NTT Communications,December 2004, Tokyo Japan.
  • 2Johnny Long,You found that on Google,http://risker.org/tech/GoogleHacking/files/bh-us-04-long-googlehacking.ppt.
  • 3吴鲁加.利用google进行入侵与渗透[EB/OL].http://www.risker.org/tech/index. html,.
  • 4Mimi,Apollo for Google Hacking,http://worm.ccert.edu.cn/GoogleHacking/Apollo/index.html.
  • 5郑辉.Santy蠕虫分析报告[EB/OL].http://worm.ccert.edu.cn/doc/spark/ Santywormanalysis.doc,.
  • 6Caleb Sima.Exploits & Vulnerabilities—New Trends.http://www.issa.org/anniversary/presentations/Vuln_Exploits—NewTrends.pdf.
  • 7左晓栋,戴英侠.“狮子”蠕虫分析及相关讨论[J].计算机工程,2002,28(1):16-17. 被引量:17

共引文献188

同被引文献14

引证文献2

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部