Computer Science ›› 2016, Vol. 43 ›› Issue (4): 150-154.doi: 10.11896/j.issn.1002-137X.2016.04.030

Previous Articles     Next Articles

Trojans Keep-alive Behavior Detection Approach Based on Wavelet Transform

BAI Hong, PANG Jian-min, DAI Chao and YUE Feng   

  • Online:2018-12-01 Published:2018-12-01

Abstract: Trojans keep-alive behavior detection algorithms generally are based on the method of clustering,which can hardly avoid the interference of other packets in the network,leading to false positive results.Therefore,this paper proposed a Trojans keep-alive behavior detection approach based on wavelet transform.In this approach,firstly,TCP packetsstream is described by packet length signal,then the signal is processed by compelling threshold denoising method based on Mallat theory,and finally detection results can be acquired through detail information decision algorithm based on packet rate.Experiments show that this approach can detect Trojan keep-alive behavior effectively and has better anti-interference.

Key words: Trojans keep-alive behavior,Packet length signal,Mallat theory,Wavelet transform

[1] Scarfone K,Mell P.Guide to intrusion detection and prevention systems (idps)[J].National Institute of Standards and Techno-logy Special Publication,2007,2007(800):94
[2] Ding Wei-qiu,A detection technology based on network beha-vioral characteristics of Trojan [D].Nanjing:Nanjing University of Posts and Telecommunications,2013(in Chinese) 丁卫球.基于网络行为特征的木马检测技术[D].南京:南京邮电大学,2013
[3] Xia Ai-min,Zhang Hong-zhi,Yang Wei-feng.Trojan Horse Detection Technology based on Characteristics of Comprehensive Behavior[J].Information Security and Communications Privacy,2014(6):109-113(in Chinese) 夏爱民,张宏志,杨伟锋.基于综合行为特征的木马检测技术研究[J].信息安全与通信保密,2014(6):109-113
[4] Ma Li-jun.The survey of theft Trojan Detection based on behavior detection[J].Journal of Guangxi University for Nationali-ties(Natural Science Edition),2014,20(2):70-74(in Chinese) 马立军.基于行为检测的窃密型木马检测研究[J].广西民族大学学报(自然科学版),2014,20(2):70-74
[5] Tao He,Hao Zhong.Network heartbeat packets recognition basedon DTW and HC-FCM algorithm[C]∥2010 Sixth International Conference on Natural Computation (ICNC).IEEE,2010,6:3190-3193
[6] Yi Jun-kai,Chen Li,Sun Jian-wei.Data flow clustering detection approach of network heartbeat packet sequence[J].Computer Engineering,2011,37(24):61-63
[7] Pu Yi-guo,Chen Xiao-jun,Cui Xu,et al.Data Stolen Trojan Detection based on Network Behaviors[J].Procedia Computer Science,2013,17:828-835
[8] Meng Lei,Liu Sheng-li,Liu Long,et al.Trojan Rapid Detection Method Based on Heartbeat Behavior Analysis[J].Computer Engineering 2012,38(14):13-16(in Chinese) 孟磊,刘胜利,刘龙,等.基于心跳行为分析的木马快速检测方法[J].计算机工程,2012,38(14):13-16
[9] Wu Xiao-pei,Song Jun-ke,Guo Xiao-jing,et al.The Online Envelope Detection Based on Sliding Window ICA and Its Application to Brain-Computer Interface[J].Acta Biophysica Sinica,2012,28(11):896-909(in Chinese) 吴小培,宋俊可,郭晓静,等.基于滑动窗独立分量分析的在线包络检测新方法及其在脑-机接口中的应用[J].生物物理学报,2012,28(11):896-909
[10] Oppenheim A V,Willsky A S,Nawab S H.Signals and systems[M].Englewood Cliffs,NJ:Prentice-Hall,1983
[11] Yang Yue-xiang.The Research on the Algorithms of Information Hiding and Network Traffic Detection Based on Wavelet Analysis[D].Changsha:National University of Defense Technology,2008(in Chinese) 杨岳湘.基于小波变换的信息隐藏与网络流量检测方法研究[D].长沙:国防科学技术大学,2008
[12] Yang Ji-peng,Liu Xue-cheng.Study of The NetWork Abnormal Detection Based on The Wavelet Transforms[J].Journal of Shanghai Agicultural University(Natural Science),2011(1):95-99(in Chinese) 杨继鹏,刘学诚.基于小波变换的网络异常检测研究[J].山东农业大学学报(自然科学版),2011(1):95-99

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .