| 面向网络安全的关于僵尸网络的研究 |
| |
| 引用本文: | 孔雪辉,王述洋,黎粤华.面向网络安全的关于僵尸网络的研究[J].中国安全科学学报,2009,19(7). |
| |
| 作者姓名: | 孔雪辉 王述洋 黎粤华 |
| |
| 作者单位: | 东北林业大学机电工程学院,哈尔滨,150040 |
| |
| 摘 要: | 对僵尸网络进行系统全面的分析和研讨,给出了僵尸网络的基本定义、分类、危害和发展过程;深入剖析僵尸网络的功能结构与工作原理,探讨僵尸网络的发展趋势和进一步的研究方向;在总结目前跟踪、检测和防御僵尸网络的最新研究成果的基础上,提出利用僵尸网络产生异常行为的规律性进行行为特征统计分析的检测方法、通过部署蜜罐对僵尸网络进行行为仿真的检测方法和监控僵尸网络流量数据特征的流量数据特征匹配的检测方法;通过对大量的僵尸网络活动的分析,提出了6种有效的防范僵尸网络的措施。
|
| 关 键 词: | 僵尸网络 僵尸程序 网络安全 恶意软件 蜜网 |
Research on Network Security against Botnets |
| |
| KONG Xue-hui,WANG Shu-yang,LI Yue-hua.Research on Network Security against Botnets[J].China Safety Science Journal,2009,19(7). |
| |
| Authors: | KONG Xue-hui WANG Shu-yang LI Yue-hua |
| |
| Abstract: | Botnet is systematically analyzed and discussed,and its definition,classification,harm and evolution process are introduced. The functional structure and work principles of botnet are explored. Developing trends of botnet and further topics in this area are discussed. Based on the summarization of the latest techniques on botnet tracking,detection and prevention,the detection method based on the regularity of botnet abnormal behavior,the detection method based on behavior simulation through the honey-net and the detection method based on monitoring the characteristics of network data flow are presented. Through analyzing the activity of botnet,six kinds of prevention measures are proposed. |
| |
| Keywords: | botnet bot program network security mal-software honey-net |
| 本文献已被 万方数据 等数据库收录! |
|
