摘要
针对现有P2P僵尸网络抗追踪性较差的问题,提出了一种P2P僵尸网络跨域体系结构(CRA).CRA将僵尸主机间的通信严格限制在不同的域之间,并引入IP伪造技术隐藏通信的源IP.考虑到监控全球互联网的不可行性以及IP溯源的困难性,现实中防御者将很难对CRA展开追踪.模拟实验结果表明,较之当前主流的P2P僵尸网络体系结构,CRA具备更好的抗追踪性和鲁棒性.
To construct a tracking-resistant P2P botnet,a Cross-Realm Architecture(CRA)was proposed.CRA strictly restricts bots’interactions across different realms and hides the origins of bots’interactions by IP spoofing.Considering the infeasibility of monitoring the global Internet and the difficulty of IP traceback,it is very hard for defenders to track CRA in the real world.The simulation results show that compared to recent popular P2P botnet architectures,CRA has better anti-tracking performance and robustness.
作者
庹宇鹏
张永铮
尹涛
TUO Yu-peng;ZHANG Yong-zheng;YIN Tao(Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2018年第4期791-796,共6页
Acta Electronica Sinica
基金
国家自然科学基金(No.61572496)
