|
|||||
|
|
| 一种高效的蠕虫动态防御抑制策略 | |
| 引用本文: | 赵远东,杨雄,云晓春.一种高效的蠕虫动态防御抑制策略[J].大连理工大学学报,2005,45(Z1):176-179. |
| 作者姓名: | 赵远东 杨雄 云晓春 |
| 作者单位: | 1. 南京信息工程大学,信息与通信系,江苏,南京,210044 2. 南京信息工程大学,信息与通信系,江苏,南京,210044;国家计算机应急技术处理与协调中心CNCERT/CC,北京,100029 3. 国家计算机应急技术处理与协调中心CNCERT/CC,北京,100029;哈尔滨工业大学,国家信息内容安全重点实验室,黑龙江,哈尔滨,150001 |
| 摘 要: | 通过对目前几种蠕虫抑制策略的分析比较,提出了一种新的高效的动态防御蠕虫抑制策略--DDWC,论证了这种策略对快速和慢速蠕虫抑制的有效性;同时分析了正常网络行为对抑制策略的影响,大大降低了DDWC策略的误报率. 仿真结果证明经过改进的两轮抑制算法策略能够高效地抑制快速和慢速蠕虫,同时具有较好的低误报性. |
| 关 键 词: | 蠕虫抑制 蠕虫检测 失败连接 误报率 |
| 文章编号: | 1004-5619(2005)04-S16-02 |
| 修稿时间: | 2005年2月25日 |
Effective strategy of worm dynamic defence and containment |
|
| ZHAO Yuan-dong,YANG Xiong,YUN Xiao-chun.Effective strategy of worm dynamic defence and containment[J].Journal of Dalian University of Technology,2005,45(Z1):176-179. | |
| Authors: | ZHAO Yuan-dong YANG Xiong YUN Xiao-chun |
| Abstract: | Based on the comparison and analysis of several worms containment strategy,a new and effective strategy of worm dynamic defence and containment(which is named DDWC) is proposed.The effectiveness for containing top-speed scan worm and slow-speed scan worm is demonstrated.The impact of normal network traffic on the containment strategy is also analyzed so that it brings down false positives largely.The simulation results have verified that the improved two-rotation quarantine algorithm can contain worms effectively and create lower false alarms. |
| Keywords: | worm containment worm detection false connection false alarms |
| 本文献已被 CNKI 万方数据 等数据库收录! | |