摘要
以Web服务器为控制目标的僵尸网络逐渐兴起,传统命令控制信道模型无法准确预测该类威胁。对传统Webshell控制方式进行改进,提出一种树状拓扑结构的信道模型。该模型具备普适和隐蔽特性,实验证明其命令传递快速可靠。总结传统防御手段在对抗该模型时的局限性,分析该信道的固有脆弱性,提出可行的防御手段。
With the rapid rising of Web server-based botnets, traditional channel models were unable to predict threats from them. Based on improving traditional Webshell control method, a command and control channel model based on tree structure was proposed. The model was widely applicable and stealthy and the simulation experimental results show it can achieve rapid and reliable commands delivery. After summarizing the limitations of current defenses against the proposed model, the model's inherent vulnerabilities is analyzed and feasible defense strategies are put forward.
出处
《通信学报》
EI
CSCD
北大核心
2016年第6期11-19,共9页
Journal on Communications
基金
国家自然科学基金资助项目(No.61303239)
国家高技术研究发展计划("863"计划)基金资助项目(No.2012AA012902)~~
