| 基于客户端蜜罐的恶意网页检测系统的设计与实现 |
| |
| 引用本文: | 孙晓妍,王洋,祝跃飞,武东英. 基于客户端蜜罐的恶意网页检测系统的设计与实现[J]. 计算机应用, 2007, 27(7): 1613-1615 |
| |
| 作者姓名: | 孙晓妍 王洋 祝跃飞 武东英 |
| |
| 作者单位: | 信息工程大学,信息工程学院,郑州,450002;信息工程大学,信息工程学院,郑州,450002;信息工程大学,信息工程学院,郑州,450002;信息工程大学,信息工程学院,郑州,450002 |
| |
| 摘 要: | 分析基于网页的恶意行为特点,设计一个基于客户端蜜罐的恶意网页检测系统。该系统将蜜罐与爬虫相结合,通过设计一个网络爬虫来获取url数据源,利用蜜罐内的客户段引擎自动化启动Internet Explorer浏览网页,并监控通过浏览恶意网页下载的恶意软件。最后,分析恶意代码,将恶意网页加入黑名单。
|
| 关 键 词: | 恶意软件 客户端蜜罐 Internet Explorer 网络爬虫 |
| 文章编号: | 1001-9081(2007)07-1613-03 |
| 收稿时间: | 2007-01-22 |
| 修稿时间: | 2007-01-21 |
Design and implementation of mal-webpage detection system based on honeyclient |
| |
| SUN Xiao-yan,WANG Yang,ZHU Yue-fei,WU Dong-ying. Design and implementation of mal-webpage detection system based on honeyclient[J]. Journal of Computer Applications, 2007, 27(7): 1613-1615 |
| |
| Authors: | SUN Xiao-yan WANG Yang ZHU Yue-fei WU Dong-ying |
| |
| Affiliation: | Institute of Information Engineering, Information Engineering University, Zhengzhou Henan 450002, China |
| |
| Abstract: | Now,Internet Explorer is the most popular client software which malwares often use.In allusion to such threats to Internet Explorer,the characters of Web attack were analyzed,and a mal-webpage detection system based on honeyclient was designed,in which spider was combined with honeypot.In the system,spider was used to collect source of urls,then client-engine automatically created Internet Explorer processes,and device-driven detector was used to detect malwares coming through Internet Explorer.In the end,the malicious webpage's url was added to the black list and the malware database was enlarged. |
| |
| Keywords: | malware honeyclient Internet Explorer spider |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
