排序方式: 共有34条查询结果,搜索用时 15 毫秒
31.
Heshuai Li Junhu Zhu Han Qiu Qingxian Wang Tianyang Zhou Hang Li 《International Journal of Communication Systems》2015,28(6):1126-1139
Distributed network paralyzing (DNP) attack, a kind of distributed denial‐of‐service attack that utilize botnet to congest and paralyze autonomous system level network, is a serious threat to network security. In this article, it is indicated that the most difficulty of DNP attack is strategizing DNP attacking flows automatically from the perspective of the attacker. For this outstanding issue, we introduce the DNP attacking flows strategizing technology, which can help an attacker to launch DNP attack efficiently through a series of attacking resources division–target links and attacking paths orientation–flux planning process. Through simulation, we demonstrate that the feasibility of attacking flows strategizing technology and prove that an attacker who controls a large‐scale botnet can utilize DNP attack to seriously threat the network security. At last, from the perspective of the defender, it is indicated that the network security researcher should strengthen the relevant research to defend the DNP attack. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
32.
主动网络流水印技术研究进展 总被引:1,自引:0,他引:1
在匿名网络环境下通信双方关系确认、僵尸网络控制者追踪、中间跳板主机发现等方面,以被动网络流量分析(passive traffic analysis)为核心的传统入侵检测与流关联技术存在空间开销大、实时性差、识别率低、灵活性欠佳、难以应对加密流量等明显缺点。而将主动网络流量分析与数字水印思想相融合的主动网络流水印(ANFW, active network flow watermark)技术能有效克服传统被动网络流量分析方法的不足,已引起了国内外学者的广泛关注。首先阐述了ANFW机制的通用模型,总结了ANFW技术的分类及所涉及的角色关系;其次,详细综述了近年来提出的多种典型的基于不同网络流特征的ANFW技术,并进行对比性总结;最后,概述了当前ANFW技术自身安全威胁及应对措施现状,展望了其未来的研究方向。 相似文献
33.
34.
In this paper, we propose a novel method to detect encrypted botnet traffic. During the traffic preprocessing stage, the proposed payload extraction method can identify a large amount of encrypted applications traffic. It can filter out a large amount of non-malicious traffic, greatly improving the detection efficiency. A Sequential Probability Ratio Test (SPRT)-based method can find spatial-temporal correlations in suspicious botnet traffic and make an accurate judgment. Experimental results show that the false positive and false negative rates can be controlled within a certain range. 相似文献