| 基于本地网的分布式蠕虫检测系统设计 |
| |
| 引用本文: | 巩永旺,张红旗.基于本地网的分布式蠕虫检测系统设计[J].计算机工程与设计,2010,31(11). |
| |
| 作者姓名: | 巩永旺 张红旗 |
| |
| 作者单位: | 1. 盐城工学院电气与信息技术研究所,江苏,盐城,224051
2. 解放军信息工程大学电子技术学院,河南,郑州,450004 |
| |
| 基金项目: | 盐城工学院重点学科研究基金 |
| |
| 摘 要: | 为能有效检测本地网中的已知蠕虫和未知蠕虫,设计了一个分布式蠕虫检测系统.探讨了系统的部署策略和结构,并详细描述了系统检测算法的设计过程.检测算法分为可疑主机检测和感染主机检测两个阶段,前者通过监控主机的网络连接异常发现可疑主机,后者采用误用检测和关联分析判断可疑主机是否为感染主机.仿真实验结果表明了该系统的有效性.
|
| 关 键 词: | 蠕虫检测 连接度 连接失败比率 误用检测 关联分析 |
Design of distributed worm detection system based on local network |
| |
| GONG Yong-wang,ZHANG Hong-qi.Design of distributed worm detection system based on local network[J].Computer Engineering and Design,2010,31(11). |
| |
| Authors: | GONG Yong-wang ZHANG Hong-qi |
| |
| Affiliation: | GONG Yong-wang1,ZHANG Hong-qi2(1.Institute of Electrical , Information Technology,Yancheng Institute of Technology,Yancheng 224051,China,2.Institute of Electronic Technology,PLA Information Engineering University,Zhengzhou 450004,China) |
| |
| Abstract: | To detection known worms and unknown worms in the local network effectively,a distributed worm detection system is designed,the deployment strategy and structure of the system are discussed,and the design method of the worm detection algorithm is described in detail.The worm detection algorithm consists of two stages,the first stage is suspect hosts detection which monitors the abnormal network connects of hosts,and the second stage is infection hosts detection which adopts misuse detection and relevance an... |
| |
| Keywords: | worm detection connection degree connect failure rate misuse detection relevance analysis |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
