检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《计算技术与自动化》2012年第2期133-137,共5页Computing Technology and Automation
摘 要:僵尸网络由一群被病毒感染的计算机组成,它严重的威胁着Internet的安全。其原理是黑客把病毒植入到目标计算机,然后黑客通过Internet控制这些计算机来实施DDoS攻击、盗取认证信息、分发垃圾邮件和其他恶意行为。通过仿P2P软件,P2P僵尸网络用多个主控制器来避免单点丢失(single pointof failure),并且使用加密技术使得各种各样的misuse detection技术失效。与正常网络行为不同的是,P2P僵尸网络建立了大量不占用带宽的会话,这就使它不会暴露在异常检测技术下。本文采用P2P僵尸网络不同于正常网络行为的特征作为数据挖掘的参数,然后对这些参数进行聚类并加以区分来获得可接受精度范围内可信任的结果。为了证明该方法在发现僵尸网络主机上的有效性,我们在实际的网络环境中进行了验证测试。Abstract..Botnet was composed of the virus-infected computers severely threaten the security of Internet. Its principle is that hackers implanted virus in targeted computers, which were then commanded and controlled by them via the Internet to operate distributed denial of services(DDoS), steal confidential information, distribute junk mails and other malicious acts. By imitating P2P software, P2P botnet used multiple main controller to avoid single point of failure, and failed various mis- use detecting technologies together with encryption technologies. Differentiating from the normal network behavior, P2P botnet sets up numerous sessions without consuming bandwidth substantially, causing itself exposed to the anomaly detec- tion technology. Crucially, the research applied the original dissimilarity of P2P bother differing from normal Internet behav- iors as parameters of data mining, which were then clustered and distinguished to obtain reliable results with acceptable ac- curacy.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7