| 僵尸网络活动调查分析 |
| |
| 引用本文: | 韩心慧,郭晋鹏,周勇林,诸葛建伟,邹 维.僵尸网络活动调查分析[J].通信学报,2007,28(12):167-172. |
| |
| 作者姓名: | 韩心慧 郭晋鹏 周勇林 诸葛建伟 邹 维 |
| |
| 作者单位: | 1. 北京大学,计算机科学技术研究所,北京,100871
2. 国家计算机网络应急技术处理协调中心,北京,100029 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划);国家242信息安全计划基金 |
| |
| 摘 要: | 僵尸网络已经成为网络攻击者首选的攻击平台,用以发起分布式拒绝服务攻击、窃取敏感信息和发送垃圾邮件等,对公共互联网的正常运行和互联网用户的利益造成了严重的威胁。较大规模地发现和监测实际僵尸网络的活动行为并对其规律进行深入调查分析,是更为全面地监测僵尸网络和对其实施反制的必要前提。通过对所监测的1961个实际僵尸网络的活动情况进行了深入调查和分析,从中给出了僵尸网络数量增长情况、控制服务器分布、僵尸网络规模、被控主机分布以及僵尸网络各种攻击行为的分析结果。
|
| 关 键 词: | 僵尸网络 僵尸程序 恶意代码 蜜罐 蜜网 |
| 文章编号: | 1000-436X(2007)12-0167-06 |
| 收稿时间: | 2007-09-05 |
| 修稿时间: | 2007-11-12 |
Investigation on the botnets activities |
| |
| HAN Xin-hui,GUO Jin-peng,ZHOU Yong-lin,ZHUGE Jian-wei,ZOU Wei.Investigation on the botnets activities[J].Journal on Communications,2007,28(12):167-172. |
| |
| Authors: | HAN Xin-hui GUO Jin-peng ZHOU Yong-lin ZHUGE Jian-wei ZOU Wei |
| |
| Abstract: | Botnets have become the first-choice attack platform for the network attackers to launch distributed denial of service attacks, steal sensitive information and send spam. They have raised serious threats to normal operation of the Intemet and the benefits of the Intemet users. The investigation on the wild botnets activities is the necessary for the further monitering and countermeasure against world-wide botnets. Based on the investigation and analysis on tracking records of I 961 wild botnets, it shows the statistical results of botnet activities, including amount of botnets, command and control channel distributions, botnet size and end-host distributions, and various types of botnet attack activities. |
| |
| Keywords: | botnet bot malware honeypot honeynet |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|
