| 一种抗污染的混合P2P僵尸网络 |
| |
| 作者姓名: | 尹捷 崔翔 方滨兴 衣龙浩 张方娇 |
| |
| 作者单位: | 中国科学院信息工程研究所, 北京 中国 100093;中国科学院大学网络空间安全学院, 北京 中国 100049,中国科学院信息工程研究所, 北京 中国 100093;广州大学网络空间先进技术研究院, 广州 中国 510006,广州大学网络空间先进技术研究院, 广州 中国 510006;电子科技大学广东电子信息工程研究院, 广东东莞 中国 523808,中国科学院信息工程研究所, 北京 中国 100093;中国科学院大学网络空间安全学院, 北京 中国 100049,中国科学院信息工程研究所, 北京 中国 100093;中国科学院大学网络空间安全学院, 北京 中国 100049 |
| |
| 基金项目: | 本课题得到国家重点研发计划No.2016QY08D1602,东莞市引进创新科研团队计划(项目编号:201636000100038)资助。 |
| |
| 摘 要: | 基于Peer-list的混合型P2P僵尸网络代表了一类高级僵尸网络形态,这种僵尸网络的优势是可抵抗传统P2P僵尸网络易受的索引污染(Index Poisoning)攻击和女巫(Sybil)攻击,然而却引入了新的问题——易受Peer-list污染攻击。本文提出一种新颖的混合P2P僵尸网络设计模型,在僵尸网络构建和Peer-list更新的整个生命周期中引入信誉机制,使得Peer-list污染攻击难以发挥作用。实验证明该模型具备很强的抗污染能力和很高的健壮性,因此对网络安全防御造成了新的威胁。最后,我们提出了若干可行的防御方法。本文旨在增加防御者对高级僵尸网络的理解,以促进更有效的网络防御。
|
| 关 键 词: | P2P僵尸网络 混合型僵尸网络 对等列表 污染攻击 |
| 收稿时间: | 2017/9/25 0:00:00 |
| 修稿时间: | 2017/11/13 0:00:00 |
A Pollution-resilient Hybrid P2P Botnet |
| |
| Authors: | YIN Jie CUI Xiang FANG Binxing YI Longhao and ZHANG Fangjiao |
| |
| Affiliation: | Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China,Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou 510006, China,Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou 510006, China;Institute of Electronic and Information Engineering of UESTC in Guangdong, Dongguan Guangdong 523808, China,Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China and Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China |
| |
| Abstract: | Peer-list exchanging based hybrid P2P botnets, which are naturally robust in topology structure and immune to Index Poisoning and Sybil attacks, represent one of the most sophisticated botnets. However, such kinds of botnets are generally vulnerable to Peer-list pollution attack. In this paper, we present a novel hybrid botnet design, which aims to verify the possibility of developing a pollution resilient hybrid P2P botnet. The proposed botnet introduces a reputation-based mechanism into the whole lifecycle of Peer-list constructing and updating, making pollution attack extremely difficult, even using thousands of coordinated polluters simultaneously. We evaluated the proposed botnet under mitigation condition; and the experiments result show that such kind of advanced botnet is feasible, consequently posing a great challenge to security defenders. At last, we suggest some possible countermeasures to defend against such an advanced botnet. The ultimate goal of our work is to increase the understanding of the emerging advanced botnets, which will promote the development of more efficient countermeasures. |
| |
| Keywords: | P2P botnet Hybrid botnet Peer-list Pollution attack |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
