An Online Botnet Detection Algorithm Based on MapReduce
[Abstract]: At present, botnets are mainly detected through network traffic analysis, which often depends on the malicious behavior of zombie hosts or requires information from external systems. In addition, traditional flow analysis methods have difficulty meeting real-time requirements. This paper proposes an online botnet detection algorithm based on MapReduce. The algorithm detects botnets by analyzing network traffic and extracting its inherent correlations, and it analyzes the data on a cloud computing platform. Data acquisition and data analysis are synchronized to achieve online detection. The experimental results show that the detection rate of the algorithm can reach more than 90%, the false alarm rate is less than 5%, and the speedup ratio is close to linear when the data volume is large, which verifies the feasibility of cloud computing technology in botnet detection.
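[Author affiliations]: College of Information Technical Science, Nankai University; School of Computer and Information Engineering, Tianjin Chengjian University
[Funding]: Supported by the Tianjin Key Project (11jczdjc28100) and the National Key Technology R&D Program (2012BAF12B00)
[Classification number]: TP393.08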
Article ID: 2333613
Article link: http://www.sikaile.net/guanlilunwen/ydhl/2333613.html