基于流量聚类分析的P2P僵尸网络检测模型
기우류량취류분석적P2P강시망락검측모형
A P2P Botnet Detection Model Based on Traffic Clustering Analysis
  • 万方数据
    现代计算机:上半月版 현대계산궤:상반월판
    Modern Computer
    2012年 10期 17-20 ,共4页

    魏苏林%张雪东%常郝%王浩

    위소림%장설동%상학%왕호

    僵尸网络%P2P%NetFlow%恶意代码 僵尸網絡%P2P%NetFlow%噁意代碼
    강시망락%P2P%NetFlow%악의대마
    Botnet%Peer-to-Peer%NetFlow%Malicious Code
    P2P僵尸网络作为僵尸网络的高级形式具有分布式的结构,隐蔽性高,难于检测。基于僵尸网络的群体相似性,提出一种高效的P2P僵尸网络检测模型,能够将P2P僵尸程序流量从正常P2P文件共享程序流量中分离出来,具有较低的漏报率。
    P2P강시망락작위강시망락적고급형식구유분포식적결구,은폐성고,난우검측。기우강시망락적군체상사성,제출일충고효적P2P강시망락검측모형,능구장P2P강시정서류량종정상P2P문건공향정서류량중분리출래,구유교저적루보솔。
    As advanced forms of botnets, P2P botnets employ decentralized substrates to gain stealthy and robustness and are difficult to detect. Proposes an efficient detection model based on group sim- ilarity in botnet which can separate botnet traffic from the background traffic of P2P file-shar- ing systems. Evaluation test shows the model has low false negative.
    원문보기 원문다운로드 사이트로이동
저자의 최근 논문