检索
E-mail
RSS
作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2008, Vol. 34 ›› Issue (21): 115-117,.doi: 10.3969/j.issn.1000-3428.2008.21.042

• 安全技术 • 上一篇    下一篇

基于信息关联的P2P蠕虫检测方法

张 静1,胡华平1,2,肖枫涛1,刘 波1   

  1. (1. 国防科技大学计算机学院,长沙 410073;2. 福建师范大学网络安全与密码技术重点实验室,福州 350007)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-11-05 发布日期:2008-11-05

P2P Worm Detection Method Based on Information Correlation

ZHANG Jing1, HU Hua-ping1,2, XIAO Feng-tao1, LIU Bo1   

  1. (1. College of Computer, National University of Defense Technology, Changsha 410073; 2. Key Lab of Network Security and Cryptology, Fujian Normal University, Fuzhou 350007)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-11-05 Published:2008-11-05

PDF

846

被引次数

3

摘要: P2P蠕虫对P2P网络和Internet构成巨大安全威胁。该文根据P2P网络报文之间的关系,提出一种P2P蠕虫检测方法,通过建立过滤规则实现对P2P蠕虫的检测与抑制。模拟实验结果表明,该方法对P2P蠕虫传播的抑制效果与资源分布存在较大联系,其检测效果 良好。

关键词: P2P蠕虫, 传播, 检测, 抑制

Abstract: P2P worm has become a severe threat to the P2P network and Internet. This paper presents a P2P worm detection method according to the relations between the messages in P2P network, and establishes a series of filter rules to realize the detection and containment for P2P worm. Simulation experimental results show that the distribution of resources has a great influence on the effect of containment for P2P worm propagation in this method and this method has a good effect on P2P worm detection.

Key words: P2P worm, spread, detection, containment

中图分类号: