| 一种改进的多态蠕虫特征提取算法 |
| |
| 引用本文: | 秦燊,劳翠金.一种改进的多态蠕虫特征提取算法[J].计算机工程,2012,38(9):153-154,176. |
| |
| 作者姓名: | 秦燊 劳翠金 |
| |
| 作者单位: | 柳州城市职业学院信息工程系,广西柳州,545002 |
| |
| 基金项目: | 2011年度广西教育厅科研基金资助项目“基于虚拟化技术的校园网络安全研究”(201106LX821) |
| |
| 摘 要: | 大多数多态蠕虫特征提取方法不能很好地处理噪音,提取出的蠕虫特征无法对多态蠕虫进行有效检测。为此,提出一种改进的多态蠕虫特征提取算法。采用Gibbs算法从包含n条序列(包括k条蠕虫序列)的可疑流量池中提取出蠕虫特征,在识别蠕虫序列的过程中基于color coding技术提高算法的运行效率。仿真实验结果表明,该算法能够减少时间和空间开销,即使可疑池中存在噪音,也能有效地提取多态蠕虫。
|
| 关 键 词: | 多态蠕虫 特征提取 彩色编码 可疑池 Gibbs算法 |
| 收稿时间: | 2011-07-08 |
Improved Feature Extraction Algorithm of Polymorphic Worms |
| |
| QIN Shen
,
LAO Cui-jin.Improved Feature Extraction Algorithm of Polymorphic Worms[J].Computer Engineering,2012,38(9):153-154,176. |
| |
| Authors: | QIN Shen LAO Cui-jin |
| |
| Affiliation: | (Department of Information Engineering,Liuzhou City Vocational College,Liuzhou 545002,China) |
| |
| Abstract: | Aiming at the problem of the current polymorphic worm feature extraction method does not handle noise,and the worm features which are extracted can not detect polymorphic worms effectively,this paper proposes an improved feature extraction algorithm.This algorithm extracts the features of the worm from the suspicious flow pool which have k worm series in n series by the Gibbs algorithm,then uses the method of color coding to improve the efficiency of algorithms’ run in the process of identifying the worm series.Simulation results show that this approach can reduce the time and space overhead.Compared with the existing feature extraction algorithms,this algorithm can effectively extract the polymorphic worm when there is noise in the suspicious pool. |
| |
| Keywords: | polymorphic worm feature extraction color coding suspicious pool Gibbs algorithm |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
