###
DOI:
Journal of Software:2008.19(3):702-715

僵尸网络研究
诸葛建伟,韩心慧,周勇林,叶志远,邹维
(北京大学 计算机科学技术研究所,北京 100871;国家计算机网络应急技术处理协调中心,北京 100029)
Research and Development of Botnets
ZHUGE Jian-Wei,HAN Xin-Hui,ZHOU Yong-Lin,YE Zhi-Yuan,ZOU Wei
()
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 8277   Download 7848
Received:June 21, 2007    Revised:September 04, 2007
> 中文摘要: 僵尸网络是一种从传统恶意代码形态进化而来的新型攻击方式,为攻击者提供了隐匿、灵活且高效的一对多命令与控制机制,可以控制大量僵尸主机实现信息窃取、分布式拒绝服务攻击和垃圾邮件发送等攻击目的.僵尸网络正步入快速发展期,对因特网安全已造成严重威胁,对中国大陆造成的危害尤为严重.介绍了僵尸网络的演化过程和基本定义,深入剖析了僵尸网络的功能结构与工作机制,讨论了僵尸网络的命令与控制机制和传播模型,并归纳总结了目前跟踪、检测和防御僵尸网络的最新研究成果,最后探讨了僵尸网络的发展趋势和进一步的研究方向.
Abstract:Botnet is a novel attack strategy evolved from traditional malware forms; it provides the attackers stealthy, flexible and efficient one-to-many Command and Control mechanisms, which can be used to order an army of zombies to achieve the goals including information theft, launching distributed denial of service, and sending spam. Botnet has stepped into the expanding phase, and has been a serious threat to Internet security, especially in China mainland. In this paper, the evolution process, concept, functional structure and execution mechanism of botnet are presented, the Command and Control mechanisms and propagation model are discussed, and the latest techniques on botnet tracking, detection and prevention are reviewed. The developing trends of botnet and further topics in this area are also analyzed.
文章编号:     中图分类号:    文献标志码:
基金项目:Supported by the National High-Tech Research and Development Plan of China under Grant Nos.2006AA012445,2006AA01Z410(国家高技术研究发展计划(863));the National Information Security Research Plan of China under Grant No.2006A30(国家242信息安全计划);the Electronic Development Fund of the Ministry ofInformation Industry of China under Grant No.[2006]634(信息产业部电子发展基金);the IBM Ph.D.Fellowship Plan(IBM全球博士生英才计划) Supported by the National High-Tech Research and Development Plan of China under Grant Nos.2006AA012445,2006AA01Z410(国家高技术研究发展计划(863));the National Information Security Research Plan of China under Grant No.2006A30(国家242信息安全计划);the Electronic Development Fund of the Ministry ofInformation Industry of China under Grant No.[2006]634(信息产业部电子发展基金);the IBM Ph.D.Fellowship Plan(IBM全球博士生英才计划)
Foundation items:
Reference text:

诸葛建伟,韩心慧,周勇林,叶志远,邹 维.僵尸网络研究.软件学报,2008,19(3):702-715

ZHUGE Jian-Wei,HAN Xin-Hui,ZHOU Yong-Lin,YE Zhi-Yuan,ZOU Wei.Research and Development of Botnets.Journal of Software,2008,19(3):702-715