Journal of Jilin University (Science Edition)

• Computer Science •

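Analysis of Botnet Detection Technique Based on Traffic Graph

HE Yukun, LI Qiang, JI Yuede, GUO Dong

  1. College of Computer Science and Technology, Key Laboratory of Symbolic Computation and Knowledge Engineering of the Ministry of Education, Jilin University, Changchun 130012
  • Received: 2012-10-08 Online: 2013-07-26 Published: 2013-08-06
  • Corresponding author: LI Qiang E-mail: li_qiang@jlu.edu.cn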

Analysis of Botnet Detection Technique Based on Traffic Graph

HE Yukun, LI Qiang, JI Yuede, GUO Dong   

  1. College of Computer Science and Technology, Key Laboratory of Symbol Computation and Knowledge Engineer of Ministry of Education, Jilin University, Changchun 130012, China
  • Received: 2012-10-08 Online: 2013-07-26 Published: 2013-08-06
  • Contact: LI Qiang E-mail: li_qiang@jlu.edu.cn

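Abstract:

Based on the structures and characteristics of the communication graphs of botnets that use common protocols, this paper compares and analyzes their functions and working mechanisms, as well as the usage environments, experimental data, results, and strengths and weaknesses of existing traffic-graph-based botnet detection methods, and proposes improvements to botnet detection techniques.

Keywords: botnet, traffic graph, bot detection, network security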

Abstract:

We presented the structures and characteristics of Botnet communication graphs in several common protocols. We compared and analyzed their functions and mechanisms and then summarized some recent research on Botnet detection methods based on traffic graphs. We further made a comparative analysis of their application environments, experimental data and results, and the advantages and disadvantages of the methods. In the end, we proposed some possible improvements for Botnet detection.

Key words: Botnet, traffic graph, Bot detection, network security

CLC number:

  • TP393