| 基于Webshell的僵尸网络研究 |
| |
| 引用本文: | 李 可,方滨兴,崔 翔,刘奇旭,严志涛.基于Webshell的僵尸网络研究[J].通信学报,2016,37(6):11-19. |
| |
| 作者姓名: | 李 可 方滨兴 崔 翔 刘奇旭 严志涛 |
| |
| 作者单位: | 1. 北京邮电大学计算机学院,北京 100876;2. 中国科学院信息工程研究所,北京 100093 |
| |
| 基金项目: | 国家自然科学基金资助项目(No.61303239);国家高技术研究发展计划(“863”计划)基金资助项目(No.2012AA012902) |
| |
| 摘 要: | 以Web服务器为控制目标的僵尸网络逐渐兴起,传统命令控制信道模型无法准确预测该类威胁。对传统Webshell控制方式进行改进,提出一种树状拓扑结构的信道模型。该模型具备普适和隐蔽特性,实验证明其命令传递快速可靠。总结传统防御手段在对抗该模型时的局限性,分析该信道的固有脆弱性,提出可行的防御手段。
|
| 关 键 词: | 僵尸网络 命令与控制 信道预测 Webshell |
Research on Webshell-based botnet |
| |
| Ke LI,Bin-xing FANG,Xiang CUI,Qi-xu LIU,Zhi-tao YAN.Research on Webshell-based botnet[J].Journal on Communications,2016,37(6):11-19. |
| |
| Authors: | Ke LI Bin-xing FANG Xiang CUI Qi-xu LIU Zhi-tao YAN |
| |
| Affiliation: | 1. School of Computer,Beijing University of Posts and Telecommunications,Beijing 100876,China;2. Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China |
| |
| Abstract: | With the rapid rising of Web server-based botnets,traditional channel models were unable to predict threats from them.Based on improving traditional Webshell control method,a command and control channel model based on tree structure was proposed.The model was widely applicable and stealthy and the simulation experimental results show it can achieve rapid and reliable commands delivery.After summarizing the limitations of current defenses against the proposed model,the model’s inherent vulnerabilities is analyzed and feasible defense strategies are put forward. |
| |
| Keywords: | botnet command and control channel prediction Webshell |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|
