| 半分布式P2P Botnet的检测方法研究* |
| |
| 引用本文: | 谢静,谭良.半分布式P2P Botnet的检测方法研究*[J].计算机应用研究,2009,26(10):3925-3928. |
| |
| 作者姓名: | 谢静 谭良 |
| |
| 作者单位: | 1. 四川师范大学,计算机学院,成都,610066
2. 四川师范大学,计算机学院,成都,610066;中国科学院,计算技术研究所,北京,100080 |
| |
| 基金项目: | 四川省科技厅基金资助项目(2008JY0105-2);四川省教育厅基金资助项目(07ZA091);实验室专项基金资助项目(2006ZD022) |
| |
| 摘 要: | Botnet近来已经是网络安全中最为严重的威胁之一,过去出现的Botnet大多数是基于IRC机制,检测方法也大都是针对这种类型的。随着P2P技术的广泛应用,半分布式P2P Botnet已经成为一种新的网络攻击手段。由于半分布式P2P Botnet的servent bot的分布范围大、网络直径宽而冗余度小,造成的危害已越来越大,对半分布式的Botnet的检测研究具有现实意义。阐述了半分布式P2P Botnet的定义、功能结构与工作机制,重点分析了目前半分布式P2P Botnet几种流行的检测方法,并进行了对
|
| 关 键 词: | 半分布P2P Botnet 检测模型 蜜罐 流量分析 钩子 |
Detection methods research of half distributed P2P Botnet |
| |
| XIE Jing,TAN Liang.Detection methods research of half distributed P2P Botnet[J].Application Research of Computers,2009,26(10):3925-3928. |
| |
| Authors: | XIE Jing TAN Liang |
| |
| Abstract: | Recently, Botnet is already to be one of great threats in network security, which appeared in the past is mostly based on IRC mechanism, and the detecting methods are also mostly for this type. With the extensive use of P2P technology, half distributed peer-to-peer(P2P) Botnet has already become one kind of new network attacks. Due to spreading widely of servent bot and little redundance, half distributed P2P Botnet threatens network security increasingly, so the research of the detecting methods about it has more practical significance. This paper addressed the definition, architecture, functions and mechanism of half distributed P2P Botnet, analyzed several popular detecting methods, and comparing with each other. Finally, discussed the detection method development trend of half distributed P2P Botnet. |
| |
| Keywords: | half distributed P2P Botnet detection model Honeypot traffic analysis hook |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
