摘要
互联网面临安全隐患,而僵尸网络是最严重的隐患之一。介绍了高速网络环境下数据获取与还原,总结了僵尸网络检测的组织架构,在此基础上设计了僵尸网络检测系统,完成了IRC/HTTP Bot程序检测。在阶段性检测算法基础上设计了僵尸程序检测算法。运用该算法捕获并分析了15天内的监测数据,验证了该系统的有效性。
The computer and the Internet have played an extremely important role in people's working life, but the Internet is still facing a lot of security risks, the botnet is one of the most serious dangers. For the current problems, a botnet detection system was proposed, for high-speed network environment, data acquisition and reduction were introduced. This paper summarizes the organizational structure of botnet detection. On this basis, we design a botnet detection system, which completes the detection of IRC/HTTP Bot program. A zombie program detection algorithm is designed on the basis of the proposed periodic detection algorithm. Using the algorithm to capture and analyze the monitoring data within 15 days, it is concluded that the botnet is still the most serious problem in the current network environment, and the validity of the system is verified.
作者
任斌
周亦敏
REN Bin ZHOU Yi-min(School of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology , Shanghai 20009)
出处
《软件导刊》
2017年第10期189-191,共3页
Software Guide
