| 改进的蠕虫特征自动提取模型及算法设计 |
| |
| 引用本文: | 汪颖,康松林.改进的蠕虫特征自动提取模型及算法设计[J].电脑与信息技术,2012,20(4):5-7. |
| |
| 作者姓名: | 汪颖 康松林 |
| |
| 作者单位: | 中南大学信息科学与工程学院,湖南长沙,410083 |
| |
| 基金项目: | 国家自然科学基金资助项目颧目 |
| |
| 摘 要: | 文章提出了一种基于序列比对的蠕虫特征自动提取模型,该模型针对现有蠕虫特征自动提取系统的可疑蠕虫样本流量单来源和粗预处理等问题,提出了对网络边界可疑流量和蜜罐捕获网络流量统一的聚类预处理,并使用改进的T-Coffee多序列比对算法进行蠕虫特征提取。实验分别对Apache-Knacker和TSIG这两种蠕虫病毒进行特征提取,从实验结果可以看出文章提出的模型产生的特征质量优于比较流行的Polygraph、Hamsa两种技术。
|
| 关 键 词: | 蠕虫 特征提取 序列比对 聚类 |
Improved Automatic Generation Model of Worm Signatures |
| |
| WANG Ying,KANG Song-lin.Improved Automatic Generation Model of Worm Signatures[J].Computer and Information Technology,2012,20(4):5-7. |
| |
| Authors: | WANG Ying KANG Song-lin |
| |
| Affiliation: | (School of Information Science and Engineering,Centrl South University,Changsha 410083,China) |
| |
| Abstract: | This paper presents an worm signatures automatic generation model based on sequence aligment,it uses unified filting and clustering processing to enhance the suspicious traffic sample’s purtity,and with the modified T-Coffe multiple sequence alignment algorithm to generate worms signature.For comparative analysis of the signature generation model,this paper use two popular kinds of algorithms—Apache-Knacker algorithm and Hamsa algorithm—to capture the signature of Apache-Knacker and TSIG worms virus.According to the experiment result,the signature generation model which are proposed in this paper is superior to the other two kinds of technology. |
| |
| Keywords: | worm signature generation sequence aligment cluster |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
