信息与电子工程2011,Vol.9Issue(2):234-237,4.
数据流异常检测及其在僵尸网络检测中的应用
Data flow anomaly detection technique and its application in Botnet detection
邓军1
作者信息
- 1. 西南交通大学,电气工程学院,四川,成都,610031
- 折叠
摘要
Abstract
Mosi of the current detection of P2P(Peer to Peer) Botnet adopts traditional reverse engineering method. which is VPry accurate, hut difficult to he implemented and shows low efficiency. It becomes ineffPctive for varinnts. This paper attempts to find a data stream anomaly detection method suitahle to the data stream application cases. and tries to apply it to P2P Zombic Virus detection. By monitoring network data stream. the special behaviors of P2P Zomhie Virus in their spreading can be found. The locating of the zomhie host can he realized hy caplu ring those hehaviors.关键词
僵尸网络/数据流异常检测/聚类建模Key words
Botnet/ data stream anomaly detection/ clustering model分类
信息技术与安全科学引用本文复制引用
邓军..数据流异常检测及其在僵尸网络检测中的应用[J].信息与电子工程,2011,9(2):234-237,4.
