
P2P Worm Detection Based on Application Identification (cited by: 5)

P2P worm detection based on traffic classification and application identification
Abstract: P2P worms that propagate by exploiting vulnerabilities in peer-to-peer networks are a severe security threat. Based on the propagation characteristics of P2P worms, a detection method called PWD (P2P Worm Detection) is proposed. PWD consists of two parts: a preprocessing stage based on application identification, and a P2P worm detection stage based on unknown-worm detection techniques. The method improves the rules for identifying and filtering interfering traffic, proposes P2P worm detection rules, and applies game-theoretic methods to discuss the choice of detection period. Simulation results and experimental results in a LAN environment both indicate that PWD is an effective method for detecting P2P worms and containing their propagation.
Source: Journal of Beijing University of Aeronautics and Astronautics (《北京航空航天大学学报》; indexed in EI, CAS, CSCD, PKU Core), 2006, No. 8, pp. 998-1002, 5 pages
Funding: Aeronautical Science Foundation project (03F51060); Beijing Municipal Education Commission co-construction project fund (SYS100060412); National Defense Basic Research project
Keywords: P2P worm; worm detection; application identification