共查询到20条相似文献,搜索用时 15 毫秒
1.
2.
3.
数以百万计的网络用户使用P2P网络来共享文件。但在P2P网络中,蠕虫则感染了大量的漏洞主机,并对信息设施和终端系统带来巨大的破坏。该文分析了P2P体系结构内在的风险,阐明了P2P蠕虫所带来的威胁,并且列举了威胁P2P网络的3种非扫描类型的螭虫:被动式蠕虫,反应式蠕虫和主动式蠕虫。鉴于这种情况,该文提出了一种能够减轻P2P蠕虫威胁的对策。 相似文献
4.
5.
6.
本文对P2P网络共享的特性和被动型蠕虫的传播特点进行了剖析.并基于模型试验结果的基础上举出了3个分别针对于蠕虫传描的模型。 相似文献
7.
8.
Propagation of passive worms in unstructured peer-to-peer (P2P) networks can result in significant damages and the loss of network security. This paper obtains the average delay for all peers in the entire transmitting process, and proposes a mathematical model for simulating unstructured P2P networks-based passive worms' propagation taking into account network throughput. According to the file popularity which follows the Zipf distribution, we propose a new healthy file dissemination-based defense strategy. Some parameters related to the propagation of passive worms are studied based on the proposed model. Finally, the simulation results verify the effectiveness of our model, which can provide an important guideline in the control of passive worms in unstructured P2P networks. 相似文献
9.
10.
对等网络蠕虫利用对等网络的固有特征(如本地路由表、应用层路由等),不仅复制快,而且提供了更好的隐蔽性和传播性,因而其危害大,防御困难。从分析互联网蠕虫及其传播机制入手,对对等网络上的蠕虫(即P2P蠕虫)及其特殊性进行了综合分析。在此基础之上,提出了基于良性益虫的被动激活主动传播防御策略(PAIFDP),并对该策略的技术原理和响应防御系统的功能模块等进行了详细设计。以Peersim仿真平台为基础,对各种不同网络参数下的防御效果和资源消耗情况进行了实验分析。结果表明,基于良性益虫的P2P蠕虫防御技术具有收敛时间快、网络资源消耗少、适应性强等特点。 相似文献
11.
Contagion蠕虫传播仿真分析 总被引:2,自引:0,他引:2
Contagion 蠕虫利用正常业务流量进行传播,不会引起网络流量异常,具有较高的隐蔽性,逐渐成为网络安全的一个重要潜在威胁.为了能够了解Contagion蠕虫传播特性,需要构建一个合适的仿真模型.已有的仿真模型主要面向主动蠕虫,无法对Contagion蠕虫传播所依赖的业务流量进行动态模拟.因此,提出了一个适用于Contagion蠕虫仿真的Web和P2P业务流量动态仿真模型,并通过选择性抽象,克服了数据包级蠕虫仿真的规模限制瓶颈,在通用网络仿真平台上,实现了一个完整的Contagion蠕虫仿真系统.利用该系统,对Contagion蠕虫传播特性进行了仿真分析.结果显示:该仿真系统能够有效地用于Contagion蠕虫传播分析. 相似文献
12.
P2P网络中沉默型蠕虫传播建模与分析 总被引:5,自引:0,他引:5
蠕虫给Internet带来巨大威胁,给作为Internet覆盖网的P2P网络带来的威胁更大,这主要是由P2P网络本身的特点决定的(就是这些特点为用户带来巨大方便).考虑到威胁P2P网络的3种蠕虫中沉默型蠕虫传播模型还没有被提出(其他2种分别为被动型蠕虫和主动型蠕虫)和沉默型蠕虫的巨大危害性,提出了沉默型蠕虫的传播模型和免疫模型,并基于该模型推导出了沉默型蠕虫不会流行的条件.为了考查各个P2P参数对蠕虫传播的影响和从实践上验证推导出的蠕虫不会流行的条件,使用Matlab进行了大量仿真实验.实验表明,理论推导出的蠕虫不会流行的条件是正确的;实验还进一步表明,蠕虫的流行程度是由流行指数来决定的,这为提出蠕虫控制策略提供了依据.通过对决定流行指数的几个参数的分析表明,在发现蠕虫时迅速降低下载率是补丁发布前控制蠕虫最有效的办法. 相似文献
13.
Xia Chunhe Shi Yunping Li Xiaojian Gao Wei 《Frontiers of Computer Science in China》2007,1(1):114-122
P2P worm exploits common vulnerabilities and spreads through peer-to-peer networks. Despite being recognized as a potential
and deadly threat to the Internet recently, few relevant countermeasures are found in extant literature. Once it breaks out,
a P2P worm could result in unpredictable losses. Based on propagation characteristics of the worm, this paper presents a detection
method called PWD (P2P Worm Detection), which is designed based on application identification and unknown worm detection.
Simulation result and LAN-environment experiment result both indicate that PWD is an effective method to detect and block
P2P worms.
Translated from Journal of Beijing University of Aeronautics and Astronautics, 2006, 32(8): 998–1002 [译自: 北京航空航天大学学报] 相似文献
14.
At present, P2P worm poses a serious threat to the Internet infrastructure and common users since it spreads extremely fast and is hard to be detected in early stage. In this paper, we propose a Four-factors Propagation Model (FPM) for passive P2P worms. There are two major contributions of this paper. Firstly, we take four critical factors—address hiding, configuration diversity, online/offline behaviors and download duration into consideration. As far as we know, the first two factors have not been considered in existing models yet. Secondly, we explicitly derive the differential equations of our FPM. Then worm behaviors in steady state are researched in depth by numerical methods. The following simulations give two suggestions for worm quarantining. On one hand, worms can be slowed down by increasing the proportion of hosts with internal addresses. One the other, breaking the configuration monocultures of hosts is an efficient way to contain worms. 相似文献
15.
Active worms propagate across networks by employing the various target discovery techniques. The significance of target discovery
techniques in shaping a worm’s propagation characteristics is derived from the life cycle of a worm. The various target discovery
techniques that could be employed by active worms are discussed. It is anticipated that future active worms would employ multiple
target discovery techniques simultaneously to greatly accelerate their propagation. To accelerate a worm’s propagation, the
slow start phase in the worm’s propagation must be shortened by letting the worm infect the first certain percentage of susceptible
hosts as soon as possible. Strategies that future active worms might employ to shorten the slow start phase in their propagation
are studied. Their respective cost-effectiveness is assessed. A novel active defense mechanism is proposed, which could be
an emerging solution to the active worm problem. Our major contributions in this article are first, we found the combination
of target discovery techniques that can best accelerate the propagation of active worms; second, we proposed several strategies
to shorten a worm’s slow start phase in its propagation and found the cost-effective hit-list size and average size of internally
generated target lists; third, we proposed a novel active defense mechanism and evaluated its effectiveness; and fourth, we
proposed three novel discrete time deterministic propagation models of active worms. 相似文献
16.
Benign worms have been attracting wide attention in the field of worm research due to the proactive defense against the worm propagation and patch for the susceptible hosts. In this paper, two revised Worm?CAnti-Worm (WAW) models are proposed for cloud-based benign worm countermeasure. These Re-WAW models are based on the law of worm propagation and the two-factor model. One is the cloud-based benign Re-WAW model to achieve effective worm containment. Another is the two-stage Re-WAW propagation model, which uses proactive and passive switching defending strategy based on the ratio of benign worms to malicious worms. This model intends to avoid the network congestion and other potential risks caused by the proactive scan of benign worms. Simulation results show that the cloud-based Re-WAW model significantly improves the worm propagation containment effect. The cloud computing technology enables rapid delivery of massive initial benign worms, and the two stage Re-WAW model gradually clears off the benign worms with the containment of the malicious worms. 相似文献
17.
18.
P2P下蠕虫的传播将是未来蠕虫发展的方向,分析P2P系统中蠕虫传播的现状,给出其扫描策略,并通过分析蠕虫的扫描算法,定义了两个蠕虫传播模型,并在此基础给出综合的防治策略。 相似文献
19.
P2P系统的可靠性主要取决于覆盖网节点问的连通性,而割点和小规模点割集对网络连通性的危害很大,它们的失效或离开能使覆盖网变得四分五裂。本文提出一种P2P环境下点割集的被动分布式发现算法,在无法获得网络全局信息的情况下,节点仅依靠对收到消息的统计和分析就能够自主判断自己是否为割点或属于2点割,并采取相应措施消除其为系统带来的不稳定因素。该算法准确性高、开销低,割集消除对提高覆盖网可靠性的效果显著。 相似文献