计算机科学 ›› 2018, Vol. 45 ›› Issue (7): 135-138.doi: 10.11896/j.issn.1002-137X.2018.07.022
牛伟纳1,2,张小松1,2,杨国武1,卓中流1,卢嘉中1
NIU Wei-na1,2,ZHANG Xiao-song1,2,YANG Guo-wu1,ZHUO Zhong-liu1,LU Jia-zhong1
摘要: 僵尸网络作为共性攻击平台,采用目前先进的匿名网络和恶意代码技术为APT攻击提供了大量有效资源。为了有效控制僵尸网络的大规模爆发,需研究其构建规律。考虑到在传播过程中僵尸网络的不同区域具有不同的感染率,结合疾病传播模型,提出了一种具有异构感染率的僵尸网络传播模型。首先,通过对僵尸网络稳态特征的分析,使用平均场方法从动力学角度研究了其传播特性;然后,在BA网络中通过模拟实验来分析异构感染率如何影响僵尸网络的传播阈值。实验结果表明,该模型更符合真实情况,且僵尸程序传播阈值和异构感染率的关系与节点数量无关。
中图分类号:
[1]EASON G,NOBLE B,SNEDDON I N.On certain integrals ofEggdrop:Open source IRC bot [EB/OL].http://www.eggheads.org. [2]KIRUBAVATHI G,ANITHA R.Botnets:A study and analysis [M]//Computational Intelligence,Cyber Security and Computational Models.Springer India,2014:203-214. [3]WANG Y,WEN S,XIANG Y,et al.Modeling the propagation of worms in networks:A survey [J].IEEE Communications Surveys & Tutorials,2014,16(2):942-960. [4]SHARIFNYA R,ABADI M.DFBotkiller:domain-flux botnetdetection based on the history of activities and failures in DNS traffic.Digital Inestigation,2015,12:15-26. [5]GU G,PORRAS P A,YEGNESWARAN V,et al.Bothunter:Detecting malware infection through ids-driven dialog correcation[C]∥USENIX Security Symposium.2007:1-16. [6]GU G,PERDISCI R,ZHANG J,et al.BotMiner:ClusteringAnalysis of Network Traffic for Protocol-and Structure-Indepen-dent Botnet Detection[J].USENIX Security Symposium,2008,5(2):139-154. [7]SINGH K,GUNTUKU S C,THAKUR A,et al.Big data analy-tics framework for peer-to-peer botnet detection using random forests [J].Information Sciences,2014,278(19):488-497. [8]TEGELER F,FU X,VIGNA G,et al.Botfinder:Finding bots in network traffic without deep packet inspection[C]∥8th Iinternational Conference on Emerging Networking Experiments and Technologies.ACM,2012:349-360. [9]KONG X,CHEN Y,TIAN H,et al.A Novel Botnet Detection Method Based on Preprocessing Data Packet by Graph Structure Clustering[C]∥2016 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).IEEE,2016:42-45. [10]QIAN Q,XIAO C J,ZHANG R.Propagation modeling for P2P botnet in structured P2P network [J].Journal of Software,2012,23(12):3161-3174.(in Chinese) 钱权,萧超杰,张瑞.结构化对等网络中P2P僵尸网络传播模型[J].软件学报,2012,23(12):3161-3174. [11]OUYANG C X,TAN L.New propagation model of Botnet on scale-free network [J].Computer Engineering and Applications,2013,49(9):110-114.(in Chinese) 欧阳晨星,谭良.无尺度网络下的僵尸网络传播模型研究[J].计算机工程与应用,2013,49(9):110-114. [12]CAO X L,NIU Z L.Study on propagation model of botnet based on weighted networks [J].Computer Applications and Software,2012,30(7):180-184.(in Chinese) 曹晓丽,牛志玲.基于加权网络的僵尸网络传播模型研究[J].计算机应用与软件,2013,30(7):180-184. [13]CHENG S P,TAN L,HUANG B,et al.Botnet propagationmodeling and analysis [J].Computer Engineering and Applications,2013,49(1):107-111.(in Chinese) 成淑萍,谭良,黄彪,等.僵尸网络传播模型分析[J].计算机工程与应用,2013,49(1):107-111. [14]SRICHARAN K G,KISORE N R.Mathematical model to study propagation of computer worm in a network[C]∥2015 IEEE International Advance Computing Conference (IACC).IEEE,2015:772-777. [15]REN W,SONG L P,FENG L P.A novel mathematical model on Peer-to-Peer botnet [J].Journal of Measurement Science and Instrumentation,2014,5(4):62-67. [16]BUONO C,VAZQUEZ F,MACRI P A,et al.Slow epidemic extinction in populations with heterogeneous infection rates [J].Physical Review E,2013,88(2):022813. |
[1] | 杜鸿毅, 杨华, 刘艳红, 杨鸿鹏. 基于网络媒体的非线性动力学信息传播模型 Nonlinear Dynamics Information Dissemination Model Based on Network Media 计算机科学, 2022, 49(6A): 280-284. https://doi.org/10.11896/jsjkx.210500043 |
[2] | 张翕然, 刘万平, 龙华. 物联网僵尸网络病毒的传播动力学模型与分析 Dynamic Model and Analysis of Spreading of Botnet Viruses over Internet of Things 计算机科学, 2022, 49(6A): 738-743. https://doi.org/10.11896/jsjkx.210300212 |
[3] | 张叶, 李志华, 王长杰. 基于核密度估计的轻量级物联网异常流量检测方法 Kernel Density Estimation-based Lightweight IoT Anomaly Traffic Detection Method 计算机科学, 2021, 48(9): 337-344. https://doi.org/10.11896/jsjkx.200600108 |
[4] | 杨超, 刘志. 基于TASEP模型的复杂网络级联故障研究 Study on Complex Network Cascading Failure Based on Totally Asymmetric Simple Exclusion Process Model 计算机科学, 2020, 47(9): 265-269. https://doi.org/10.11896/jsjkx.190700069 |
[5] | 王栋, 商红慧, 张云泉, 李琨, 贺新福, 贾丽霞. 原子动力学蒙特卡洛程序MISA-KMC在反应堆压力容器钢辐照损伤研究中的应用 Application of Atomic Dynamics Monte Carlo Program MISA-KMC in Study of Irradiation Damage of Reactor Pressure Vessel Steel 计算机科学, 2020, 47(4): 30-35. https://doi.org/10.11896/jsjkx.191100045 |
[6] | 黄光球, 陆秋琴. 垂直结构群落系统优化算法 Vertical Structure Community System Optimization Algorithm 计算机科学, 2020, 47(4): 194-203. https://doi.org/10.11896/jsjkx.190200273 |
[7] | 赵敏,戴凤智. 基于气动参数调节的无人机抗扰动控制算法 Anti-disturbance Control Algorithm of UAV Based on Pneumatic Parameter Regulation 计算机科学, 2020, 47(3): 237-241. https://doi.org/10.11896/jsjkx.190200371 |
[8] | 黄光球,陆秋琴. 保护区种群迁移动力学优化算法 Protected Zone-based Population Migration Dynamics Optimization Algorithm 计算机科学, 2020, 47(2): 186-194. https://doi.org/10.11896/jsjkx.181202338 |
[9] | 刘小洋, 何道兵. 基于突发公共事件的信息传播动力学模型与舆情演化研究 Study on Information Propagation Dynamics Model and Opinion Evolution Based on Public Emergencies 计算机科学, 2019, 46(5): 320-326. https://doi.org/10.11896/j.issn.1002-137X.2019.05.050 |
[10] | 张帅, 徐顺, 刘倩, 金钟. 基于GPU的分子动力学模拟Cell Verlet算法实现及其并行性能分析 Cell Verlet Algorithm of Molecular Dynamics Simulation Based on GPU and Its Parallel Performance Analysis 计算机科学, 2018, 45(10): 291-294. https://doi.org/10.11896/j.issn.1002-137X.2018.10.054 |
[11] | 顾海俊,蒋国平,夏玲玲. 基于状态概率转移的SIRS病毒传播模型及其临界值分析 SIRS Epidemic Model and its Threshold Based on State Transition Probability 计算机科学, 2016, 43(Z6): 64-67. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.014 |
[12] | 宋元章. 基于排列熵与决策级多传感器数据融合的P2P僵尸网络检测方法 P2P Botnet Detection Based on Permutation Entropy and Multi-sensor Data Fusion on Decision Level 计算机科学, 2016, 43(7): 141-146. https://doi.org/10.11896/j.issn.1002-137X.2016.07.025 |
[13] | 邱卫,杨英杰. 基于尖点突变模型的联动网络流量异常检测方法 Interaction Network Traffic Anomaly Detection Method Based on Cusp Catastrophic Model 计算机科学, 2016, 43(3): 163-166. https://doi.org/10.11896/j.issn.1002-137X.2016.03.031 |
[14] | 陈连栋,张蕾,曲武,孔明. 一种分布式的僵尸网络实时检测算法 Distributed Real-time Botnet Detection Algorithm 计算机科学, 2016, 43(3): 127-136. https://doi.org/10.11896/j.issn.1002-137X.2016.03.026 |
[15] | 方颖,徐炳吉. 一种基于荷控忆阻器的混沌电路 Charge-controlled Memristor-based Chaotic Circuit 计算机科学, 2014, 41(Z11): 447-450. |
|