
A P2P Botnet Detection Model Based on Traffic Clustering Analysis (cited by: 1)
Abstract: As an advanced form of botnet, P2P botnets use a decentralized structure to gain stealth and robustness, and are difficult to detect. Based on the group similarity of bots within a botnet, this paper proposes an efficient P2P botnet detection model that can separate P2P bot traffic from the background traffic of normal P2P file-sharing applications. Evaluation tests show the model has a low false-negative rate.
Source: Modern Computer (mid-month edition), 2012, Issue 10, pp. 17-20 (4 pages)
Funding: Anhui Provincial Universities Natural Science Research Project (No. KJ2010B282, No. KJ2011B002)
Keywords: Botnet; Peer-to-Peer (P2P); NetFlow; Malicious Code

References (7)

  • 1 Du Qin, Lü Guangli, Su Zhong, Lin Fan, Zhang Shaohua. Research and Progress on P2P Botnets [J]. Computer Science, 2011, 38(B10): 66-71. (cited by: 2)
  • 2 Kang J., Song Y. Z., Zhang J. Y. Accurate Detection of Peer-to-Peer Botnet Using Multi-Stream Fused Scheme. Journal of Networks, 6(5), 807-814. doi:10.4304/jnw.6.5.807-814.
  • 3 T. F. Yen, M. K. Reiter. Traffic Aggregation for Malware Detection. In DIMVA '08: Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pages 207-227, Berlin, Heidelberg, 2008. Springer-Verlag.
  • 4 G. Gu, J. Zhang, W. Lee. BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08), 2008.
  • 5 Guofei Gu, Roberto Perdisci, Junjie Zhang, Wenke Lee. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection. Proceedings of the 17th Conference on Security Symposium, pp. 139-154, July 28-August 01, 2008, San Jose, CA.
  • 6 Yen T.-F., Reiter M. K. Are Your Hosts Trading or Plotting? Telling P2P File-Sharing and Bots Apart. 2010 IEEE 30th International Conference on Distributed Computing Systems, 241-252. doi:10.1109/ICDCS.2010.76.
  • 7 Su Rui. Research on a Hierarchy-Based Fuzzy K-Means Clustering Algorithm [J]. Journal of Anyang Normal University, 2010(2): 47-50. (cited by: 3)
