计算机科学 ›› 2011, Vol. 38 ›› Issue (6): 101-105.
• 计算机网络与信息安全 • 上一篇 下一篇
佟晓筠,王翥
出版日期:
发布日期:
基金资助:
TONG Xiao-jun,WANG Zhu
Online:
Published:
摘要: 目前已有一些蠕虫检测系统利用蠕虫传播特性进行检测,误报率高,不能对大范围网络进行检测。为此,首先对蠕虫传播模型进行了分析和优化,提出了新蠕虫分布式传播模型。针对该模型提出了分布式蠕虫检测技术,亦即采用基于规则的检测方法监控网络蠕虫,控制台管理和协调多个检测端的工作。实验结果表明,该方法能够很好地预警蠕虫的传播行为并进行监控和报警,具有高检测率和低误报率。
关键词: 蠕虫,蠕虫传播模型优化,蠕虫预警,分布式蠕虫检测
Abstract: At present there arc some worm intrusion detection systems which detect network worms only by using worm propagation properties and have high false alarm rate. This paper analyzed worm non-linear propagation models, realized the optimization of worm model, and proposed distributed worm propagation model. Then a distributed worm detection technology was designed according to the distributed worm propagation model. The system uses rule-based detection method to monitor network worms, and the console side manages and coordinates detection work of the client sides. The experimental results show that the technology is a good solution to worm warning and worm detection, which can give an alarm with high detection rate and low false alarm rate.
Key words: Worm, Propagation model optimisation of worm, Worm warning, Distributed worm detection
佟晓筠,王翥. 蠕虫预警及非线性传播模型优化[J]. 计算机科学, 2011, 38(6): 101-105. https://doi.org/
TONG Xiao-jun,WANG Zhu. Worm Warning and Optimization of Nonlinear Propagation Model[J]. Computer Science, 2011, 38(6): 101-105. https://doi.org/
0 / / 推荐
导出引用管理器 EndNote|Reference Manager|ProCite|BibTeX|RefWorks
链接本文: https://www.jsjkx.com/CN/
https://www.jsjkx.com/CN/Y2011/V38/I6/101
Cited
首页