计算机工程2011,Vol.37Issue(17):119-121,139,4.
基于网络通信指纹的启发式木马识别系统
Heuristic Trojan Identification SystemBased on Network Communication Fingerprint
摘要
Abstract
This paper discusses the trojan detection technique, and a detail contrast research of related characters is given. In order to provide trojan detection based on network data flow, a trojan identification method based on network communication fingerprint is broutht forward. The concept of communication fingerprint is introduced to expand the extension of the communication features. Through the experimental method the fingerprints information of trojan for each phase such as connection, control and file transfer can be highlighted. On that basis, a heuristic identification system for trojan based on network communication fingerprint is designed and implemented. Test results indicate that the system runs efficient and the results are accurate.关键词
木马识别/通信指纹/启发式/深度包检测/数据流Key words
trojan identification/ communication fingerprint/ heuristic/ Deep Packet Inspection(DPI)/ data flow分类
信息技术与安全科学引用本文复制引用
唐彰国,李换洲,钟明全,张健..基于网络通信指纹的启发式木马识别系统[J].计算机工程,2011,37(17):119-121,139,4.基金项目
四川省应用基础研究基金资助项目(07JY029-011) (07JY029-011)
四川省教育厅基金资助项目(08ZA043) (08ZA043)
