检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:巩永旺[1]
机构地区:[1]盐城工学院电气与信息技术研究所,江苏盐城224051
出 处:《计算机仿真》2010年第10期91-94,共4页Computer Simulation
基 金:盐城工学院重点学科研究基金项目(XKY2007068)
摘 要:为了阻止外网蠕虫向本地网的传播,设计了一个基于本地网保护的蠕虫防御系统。该系统通过监测外部主机连接本地网的连接强度、端口相似度和失败比率等统计信息预警蠕虫扫描行为和可疑外部主机,通过检测和丢弃来自可疑主机的蠕虫攻击包防御蠕虫向本地网传播。为了提高系统效率和减少系统对正常网络活动的影响,蠕虫攻击包检测采用了源地址跟踪和蠕虫特征匹配两级检测。最后建立了该蠕虫防御系统保护下的本地网蠕虫传播模型,并通过仿真实验验证了系统的有效性。In order to block worms propagating from external network to local network,a worm defense system based on local network protect was designed.The system can alert worm scan activities and suspicious infected external network hosts through monitoring connect intensity,port similarity and connect failure rate of the external network hosts connecting the hosts of local network,and defense worm through detecting and discarding the worm attack packets from the suspicious infected exterior hosts.In order to improve system efficiency and reduce the number of interference with normal activity,worm attack detection consists of source IP trace and worm features match strategy.Worm propagation model based on this system was designed and the effectiveness of the system was verified through the simulation experiments.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.171