| Mirai僵尸网络恶意程序分析和监测数据研究 |
| |
| 作者姓名: | 陈亚亮 戴沁芸 吴海燕 魏征 |
| |
| 作者单位: | 1. 上海交通大学信息安全工程学院,上海 200240;2. 国家计算机网络应急技术处理协调中心上海分中心,上海 201315 |
| |
| 摘 要: | 近年来,随着物联网的兴起,以僵尸网络为代表的恶意程序正在逐渐向物联网领域渗透,已经出现利用物联网脆弱的安全防护进行传播并发动拒绝服务攻击的恶意代码。首先介绍了Mirai僵尸网络的整体架构,对其受控端和控制端等多个组件的主要功能进行了研究;然后对通过主动和被动方式获取的监测数据展开分析,并在此基础上,对Mirai僵尸网络恶意程序的监测发现和应对建议进行了讨论。
|
| 关 键 词: | 僵尸网络 恶意程序 Mirai Shodan TR-064 |
Research on the reverse analyses and monitoring data of Mirai malware botnet |
| |
| Authors: | Ya-liang CHEN Qin-yun DAI Hai-yan WU Zheng WEI |
| |
| Affiliation: | 1. School of Information Security Engineering,Shanghai Jiaotong University,Shanghai 200240,China;2. Shanghai Branch,Coordination Center of China,National Computer Network Emergency Response Technical Team,Shanghai 201315,China |
| |
| Abstract: | In recent years,with the rapid development of Internet of things(IoT),malwares have come into Internet of things,and botnet is the typical one.Malwares spreading through IoT vulnerable devices have emerged.The overall structure of Mirai botnet and the function of its components were introduced,such as bots and C&C server.The monitoring data obtained through active and passive way were analyzed.Based on that,the discovery methods and response modes on such kind of botnet malwares were discussed. |
| |
| Keywords: | botnet malware Mirai Shodan TR-064 |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
