摘要
网络蠕虫攻击在各种网络安全威胁因素中位居首位,虽然现今已有一些成熟的入侵检测技术,但不足以应对复杂多变的蠕虫攻击。针对网络中蠕虫存在相互合作的复杂关系,该文提出了在僵尸蜜网的拓扑结构下,采用P2P技术的良性蠕虫对抗合作型蠕虫传播模型,良性蠕虫利用分片传输机制来实现自主、快速的查杀恶意蠕虫,为易感染主机修补漏洞。实验结果证明基于僵尸蜜网的良性蠕虫查杀合作型蠕虫的方法效果良好。
Network security meets more problems especially the threat of Internet worms.Although there are already some mature intru sion detection technologies,it does not always work well on new Internet worm attacks.A potential anti-cooperative worm propagation approach based on Bot-honeynet topological structure and pure P2P principle is proposed in this paper.Anti-worms can achieve quick self-propagation performance by using fragmentation.They kill malicious worms and simultaneously patches for susceptible hosts.From these experiments,it can prove that bot-honeynet based anti-cooperative worm performs better in controlling malicious worm propaga tion.
出处
《电脑知识与技术》
2012年第1X期586-589,共4页
Computer Knowledge and Technology
关键词
入侵检测
僵尸蜜网
P2P技术
蠕虫传播模型
合作型蠕虫
intrusion detection technologies
bot-honeynet
P2P technology
worm propagation model
cooperative worm
