共查询到19条相似文献,搜索用时 718 毫秒
1.
在研究了目前广泛应用的P2P下载协议BitTorrent协议的基础上提出了一种可以替换BitTorrent下载内容的方法,并通过实验结果验证了其可行性。进而提出了关于BitTorrent协议本身以及所有通过BitTorrent协议下载的BT客户端的安全性问题,并且为监控和限制BT客户端通过BitTorrent协议共享盗版,甚至非法内容提供了可行的解决方案。 相似文献
2.
以BitTorrent为代表的P2P应用流量已占据电信运营商网络流量的60%以上,由于BitTorrent客户端主要依据上传速度来选择传输节点,并不能检测到同一区域网络中存在具有相同数据的客户端,导致经常出现通过网间路由器的重复流量,降低了带宽的使用效率。提出通过设置透明的代理tracker服务器和设立分布式的peer缓存管理系统,使得将BitTorrent流量尽量控制在区域网络范围内,减少通过骨干路由的流量,同时使得BitTorrent客户端也能得到更快速的下载。 相似文献
3.
4.
5.
6.
自防御网络中客户端Agent的研究与实现 总被引:1,自引:0,他引:1
主要研究自防御网络计划中的网络准入控制功能。介绍自防御网络的概念、功能以及处于自防御网络最前端的部分-客户端Agent的功能;自防御网络系统的设计方法。重点介绍客户端Agent的设计以及其各个组成模块的功能、设计方法。最后搭建测试环境并进行测试,测试结果均达到预期的效果。 相似文献
7.
客户端蜜罐原理及应用研究 总被引:3,自引:3,他引:0
文章阐述了用于检测客户端攻击的客户端蜜罐系统原理,并对两类以交互级别区分的客户端蜜罐进行了分析比较。同时,文章还深入分析了代码混淆、url重定向、页面隐藏等技术对客户端蜜罐应用产生的影响以及客户端蜜罐可以采取的相应对策。最后,文章提出了一种可以提高检测效率以及准确率的改进的应用策略。 相似文献
8.
主要介绍DOS/DDOS攻击的原理与种类,并着重介绍防御DOS/DDOS攻击的应对策略,并结合专业防御系统对构建专业防御体系进行了探讨。 相似文献
9.
测量分析P2P文件共享系统是解决P2P优化、网络管理等问题的基础。当前P2P网络设计日趋复杂,并且部分运行机制直接导致测量数据不完整或测量周期过长,比如BitTorrent文件共享系统。针对这一问题,本文抽象出BitTorrent系统的3个测量层次,包括索引测量、节点测量和内容测量,并重点解决了3个层次中的测量难题,设计实现了一个面向BitTorrent的测量系统。在此基础上,本文对BitTorrent系统进行了持续测量,并重点分析了BitTorrent系统的节点行为:节点演化规律和节点到达模型。测量结果表明,节点演化规律和节点到达均呈现强烈的周期性。为此,本文改进了节点到达模型,新模型与实际测量数据拟合效果较好,进一步修正了节点到达模型。 相似文献
10.
端口扫描与反扫描技术研究 总被引:2,自引:0,他引:2
对目标系统进行端口扫描,是网络系统入侵者进入目标系统的第一步。随着技术的发展,出现了越来越多的扫描工具,不仅能进行普通扫描,还能实现隐蔽扫描,对目标系统安全造成严重隐患。首先讨论了目前常用的端口扫描技术及其特点,并对这种基于空闲主机的隐蔽端口扫描方法进行详细分析。通过对端口扫描和反扫描技术的研究,提出了一种有效防御空闲主机扫描的改进方案,并给出了具体实现策略和测试结果。这种改进方案不仅能有效防御常规的端口扫描,也能有效防御SYN隐蔽扫描。 相似文献
11.
Wen Tian Xiao‐Peng Ji Weiwei Liu Jiangtao Zhai Guangjie Liu Yuewei Dai Shuhua Huang 《ETRI Journal》2019,41(5):585-598
A cyber‐physical system (CPS) is a new mechanism controlled or monitored by computer algorithms that intertwine physical and software components. Advanced persistent threats (APTs) represent stealthy, powerful, and well‐funded attacks against CPSs; they integrate physical processes and have recently become an active research area. Existing offensive and defensive processes for APTs in CPSs are usually modeled by incomplete information game theory. However, honeypots, which are effective security vulnerability defense mechanisms, have not been widely adopted or modeled for defense against APT attacks in CPSs. In this study, a honeypot game‐theoretical model considering both low‐ and high‐interaction modes is used to investigate the offensive and defensive interactions, so that defensive strategies against APTs can be optimized. In this model, human analysis and honeypot allocation costs are introduced as limited resources. We prove the existence of Bayesian Nash equilibrium strategies and obtain the optimal defensive strategy under limited resources. Finally, numerical simulations demonstrate that the proposed method is effective in obtaining the optimal defensive effect. 相似文献
12.
针对无线传感器网络各节点在安全需求与资源消耗上存在的矛盾,提出一种基于博弈论的无线传感网络节点优化博弈模型.首先,通过分析网络节点中攻击方的攻击代价与防守方的防守开销,基于博弈论分析攻防双方的效用函数并构造攻防博弈模型;其次,根据网络节点中攻防双方选择的不同行动策略,结合信息论技术将攻防双方抽象成随机变量,并设计博弈信... 相似文献
13.
14.
To solve the problem of the optimal strategy selection for moving target defense,the defense strategy was defined formally,the defense principle from the perspective of attack surface shifting and exploration surface enlarging was taken into account.Then,network attack-defense behaviors were analyzed from the sight of dynamic confrontation and bounded information.According to the analysis of attack-defense game types and confrontation process,the moving target defense model based on signaling game was constructed.Meanwhile,the method to quantify strategies was improved and the solution of perfect Bayesian equilibrium was proposed.Furthermore,the optimal defense strategy selection algorithm was designed by the equilibrium analysis.Finally,the simulation demonstrates the effectiveness and feasibility of the proposed optimal strategy and selection method. 相似文献
15.
Network mimic defense technology enhances the robustness of active defense through the redundancy,dynamic and diversity as well as the decision feedback mechanism.However,little work has been done for its security assessment and existing classic game models are not suitable for its dynamic characteristics and lack of universality.A Markov game model was proposed to analyze the transfer relationship between offensive and defensive status and the measurement method of safety and reliability of mimic defense,and calculated the offensive and defensive game equilibrium through non-linear programming algorithm to determine the best defensive strategy considering performance.Experiments give a comparison with the multi-target hiding technique and shows that the mimic defense has a higher defensive effect.Combining with the specific network case,the specific attack and defense path for the exploit of the system vulnerability is given and the effectiveness of the defense strategy algorithm is verified. 相似文献
16.
Intrusion detection system (IDS) often inevitably presents major security risks caused by FPs and FNs.However,at present,an effective solution has not been found.In order to solve this problem,an optimal response model of intrusion detection based on information theory was proposed.Firstly,the intruder and IDS in the process of intrusion detection were abstracted into random variables,and the attack and defense model of intruder and IDS was constructed according to the results of the confrontation.Secondly,the defense channel of IDS was designed according to the attack and defense model,then the correct detection of IDS was transformed into the problem of successful transmission of 1 bit information in defensive channel.Finally,the defensive capability of the system was measured by analyzing the channel capacity of the defensive channel,the maximum mutual information of the defensive channel was the defensive limit capability of the IDS,and the corresponding strategy distribution was the optimal response strategy of the defensive capability of the system.The experimental results show that the scheme can effectively reduce the loss caused by FPs and FNs. 相似文献
17.
协作频谱感知可以提高频谱感知的可靠性,但其融合机制使得其易受频谱感知数据篡改(spectrum sensing data falsification,SSDF)攻击影响.为深入了解SSDF攻击防御算法的发展现状及趋势,总结了SSDF攻击典型的分布式防御策略,并对相应分布式防御算法进行了比较.最后依据目前相关研究中所发现的问题,对SSDF攻击分布式防御策略未来的研究方向进行了展望. 相似文献
18.
We address the problem of information system survivability, or dynamically preserving intended functionality & computational performance, in the face of malicious intrusive activity. A feedback control approach is proposed which enables tradeoffs between the failure cost of a compromised information system and the maintenance cost of ongoing defensive countermeasures. Online implementation features an inexpensive computation architecture consisting of a sensor-driven recursive estimator followed by an estimate-driven response selector. Offline design features a systematic empirical procedure utilizing a suite of mathematical modeling and numerical optimization tools. The engineering challenge is to generate domain models and decision strategies offline via tractable methods, while achieving online effectiveness. We illustrate the approach with experimentation results for a prototype autonomic defense system which protects its host, a Linux-based web-server, against an automated Internet worm attack. The overall approach applies to other types of computer attacks, network-level security and other domains which could benefit from automatic decision-making based on a sequence of sensor measurements. 相似文献
19.
王鹏选 《电子工业专用设备》2008,37(8)
首先从定向凝固的原理讲起,其中涉及定向凝固的一些重要的工艺参数以及多晶硅铸锭的组织结构;其次,介绍了多晶硅铸锭的几种凝固方法,尤其着重讲了一下热交换法的应用;并在结尾提到了现在铸锭法中需要改进和解决的主要问题。 相似文献