基于Challenge策略的大规模恶意P2P僵尸节点检测技术

发布时间：2018-06-19 08:36

  本文选题：Challenge策略 + 僵尸网络　； 参考：《计算机工程》2016年10期

【摘要】：传统僵尸网络检测技术主要考虑在主机上或者某一个网关出口的边界处检测特点区域网内的僵尸节点,规模较小,检测效率较低。为了在更大范围内进行有效的对等网络(P2P)僵尸节点检测,提出基于Challenge的探测P2P网络中所寄生的恶意僵尸节点的策略。仿真实验结果表明,在超过400万个节点的KAD网络中,该检测技术可以检测到3 000个~9 000个寄生型P2P僵尸节点,能够估算KAD网络中可能存在的寄生型僵尸节点数目,对后续防御对象的精准定位和防御措施的准确设计具有参考作用。
[Abstract]:The traditional botnet detection technology mainly considers the botnet node in the characteristic area network on the host or at the boundary of a gateway exit, which is small in scale and low in detection efficiency. In order to detect P2P zombie nodes effectively in a larger range, a challenge based strategy for detecting malicious zombie nodes in P2P networks is proposed. The simulation results show that in the KAD network with over 4 million nodes, the detection technique can detect 3 000 parasitic P2P botnet nodes, and can estimate the number of parasitic zombie nodes that may exist in the KAD network. It can be used as a reference for precise positioning of defense objects and accurate design of defense measures.
【作者单位】： 国家电网浙江省电力公司电力科学研究院;国家电网浙江省电力公司信息通信分公司;国防科学技术大学计算机科学与技术学院;
【基金】：浙江省杰出青年基金资助项目(LR14F020003)
【分类号】：TP393.08
，

本文编号：2039279