121 results found; search took 15 ms
1.
2.
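Botnets, one of the major security threats endangering the Internet in recent years, have attracted wide attention from researchers. By analyzing the anomalous behavior exhibited at each stage of a botnet's operation, the paper proposes a botnet discovery technique based on anomalous-behavior monitoring, describes in detail the principle and framework of the botnet discovery system, and designs and implements its key technologies.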
3.
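Research on Botnet Detection Methods Based on Anomalous Behavior Characteristics (total citations: 1, self-citations: 0, citations by others: 1)
Bot channels can be detected effectively from anomalous behavior in botnet communication and network traffic. The paper introduces a detection algorithm that analyzes anomalies in host response messages to determine whether the current IRC channel is a bot channel. On this basis it introduces an anomalous-behavior-based bot channel detection model, which classifies and extracts the host response messages of an IRC channel and reaches a conclusion by applying the detection algorithm. Experimental results verify the effectiveness of the model.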
4.
5.
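Existing IRC botnet detection techniques are not suited to detecting botnets whose command-and-control interactions are infrequent. To detect small, stealthy botnets, a botnet detection model based on sequence analysis is proposed to complement existing passive detection techniques. Several probing techniques and detection algorithms are discussed, the detection algorithm is selected according to the client response type, and the average number of detection rounds is analyzed; by observing only a small number of command-and-control interactions, the model can detect a single IRC bot host or several. Experimental results show that, while meeting the false positive and false negative rate requirements, the method completes its decision within the predetermined number of detection rounds.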
6.
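To address the limited detection coverage of existing Domain-flux botnet detection methods, a Domain-flux botnet domain detection method based on domain access activity features is proposed. After describing the temporal behavior that the set of domains used by a Domain-flux botnet exhibits in how it is accessed, the paper proposes a detection algorithm based on domain access activity features, gives the algorithm's detailed description, the detection processing flow and the overall system structure, and validates the algorithm experimentally on mirrored data from a network operator's DNS servers. The results show that the detection algorithm does not depend on specific character features of the domain names and can effectively filter out the domains used by Domain-flux botnets.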
7.
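A Brief Account of the Security Risks in IoT Device Systems and of Zombie Home-Appliance Networks (total citations: 1, self-citations: 0, citations by others: 1)
Drawing on past security incidents related to the Internet of Things, the article discusses from several angles the risks that future IoT communications, device systems, and on-device applications may face.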
8.
Fateme Faraji Daneshgar Maghsoud Abbaspour 《International Journal of Communication Systems》2019,32(13)
A botnet is a distributed platform for illegal activities that severely threatens the security of the Internet. Fortunately, despite their complicated nature, bots leave some footprints during C&C communication that have been utilized by security researchers to design detection mechanisms. Nevertheless, botnet designers are always trying to evade detection systems by leveraging the legitimate P2P protocol as a C&C channel or even mimicking legitimate peer-to-peer (P2P) behavior. Consequently, detecting P2P botnets in the presence of normal P2P traffic is one of the most challenging issues in network security. However, the resilience of P2P botnet detection systems in the presence of normal P2P traffic is not investigated in most proposed schemes. In this paper, we focused on the footprint as the most essential part of a detection system and presented a taxonomy of footprints utilized in behavioral P2P botnet detection systems. Then, the resilience of the mentioned footprints is analyzed using three evaluation scenarios. Our experimental and analytical investigations indicated that most P2P botnet footprints are not resilient to the presence of legitimate P2P traffic and there is a pressing need to introduce more resilient footprints.
9.
10.
Muhammad Nadeem Ali Arshad Saman Riaz Syeda Wajiha Zahra Muhammad Rashid Shahab S. Band Amir Mosavi 《Computers, Materials & Continua》2023,74(2):2641-2654
Cloud computing is one of the most attractive and cost-saving models, which provides online services to end-users. Cloud computing allows the user to access data directly from any node. But nowadays, cloud security is one of the biggest issues that arise. Different types of malware are wreaking havoc on the clouds. Attacks on the cloud server are happening from both internal and external sides. This paper has developed a tool to prevent the cloud server from spamming attacks. When an attacker attempts to use different spamming techniques on a cloud server, the attacker will be intercepted through two effective techniques: Cloudflare and K-nearest neighbors (KNN) classification. Cloudflare will block those IP addresses that the attacker will use and prevent spamming attacks. However, the KNN classifiers will determine which area the spammer belongs to. At the end of the article, various prevention techniques for securing cloud servers will be discussed, a comparison will be made with different papers, and a conclusion will be drawn based on different results.