Computer Engineering, Issue (11): 106-112, 7. DOI: 10.3969/j.issn.1000-3428.2014.11.021
Dynamic Detection Model in Botnet Based on Network Traffic
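Cheng Shuping (成淑萍) 1, Tan Liang (谭良) 2
Author information
- 1. School of Computer Science, Sichuan University of Arts and Science, Dazhou, Sichuan 635001
- 2. School of Computer Science, Sichuan Normal University, Chengdu 610068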
Abstract
Existing botnet detection methods that rely on matching against prior knowledge, or that are tied to a particular protocol, are not suitable for detecting new or mutated botnets. To address this, this paper proposes a dynamic botnet detection model based on network traffic. Using clustering, it analyzes traffic and performs correlation analysis to identify similarity in bot communication and malicious behavior patterns. The detection architecture is independent of the protocol and of prior knowledge of the botnet. The model has three dynamic characteristics: updating of the feature library, generation of the detection model, and handling of network traffic from the dynamic botnet. Finally, its effectiveness and accuracy are verified with experimental data.
Key words
network security/Botnet/malicious code/network flow/dynamic detection
Classification
Information technology and security science
Cite this article
Cheng Shuping, Tan Liang. Dynamic Detection Model in Botnet Based on Network Traffic [J]. Computer Engineering, 2014, (11): 106-112, 7.