基于IRC协议的僵尸网络恶意流量检测与阻断

2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007) Pub Date : 2007-09-18 DOI:10.1109/NPC.2007.77

Z. Chi, Zixiang Zhao

{"title":"基于IRC协议的僵尸网络恶意流量检测与阻断","authors":"Z. Chi, Zixiang Zhao","doi":"10.1109/NPC.2007.77","DOIUrl":null,"url":null,"abstract":"One of the most potentially dangerous security problems for computer networks is the botnet. Since botnets based on the IRC (Internet chat relay) protocol are relatively new, not enough research has been done on them. In this paper, we propose a method to detect the botmaster by starting from the victim and working backwards through the routers. The malicious traffic is blocked during the process of detecting the botmaster router by router.","PeriodicalId":278518,"journal":{"name":"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"Detecting and Blocking Malicious Traffic Caused by IRC Protocol Based Botnets\",\"authors\":\"Z. Chi, Zixiang Zhao\",\"doi\":\"10.1109/NPC.2007.77\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"One of the most potentially dangerous security problems for computer networks is the botnet. Since botnets based on the IRC (Internet chat relay) protocol are relatively new, not enough research has been done on them. In this paper, we propose a method to detect the botmaster by starting from the victim and working backwards through the routers. The malicious traffic is blocked during the process of detecting the botmaster router by router.\",\"PeriodicalId\":278518,\"journal\":{\"name\":\"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-09-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NPC.2007.77\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NPC.2007.77","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 19

摘要

计算机网络中最具潜在危险的安全问题之一是僵尸网络。由于基于IRC (Internet聊天中继)协议的僵尸网络相对较新，因此对它们的研究还不够。在本文中，我们提出了一种从受害者开始并通过路由器向后工作的方法来检测僵尸主机。恶意流量在被路由器检测到botmaster路由器的过程中被阻断。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Detecting and Blocking Malicious Traffic Caused by IRC Protocol Based Botnets

One of the most potentially dangerous security problems for computer networks is the botnet. Since botnets based on the IRC (Internet chat relay) protocol are relatively new, not enough research has been done on them. In this paper, we propose a method to detect the botmaster by starting from the victim and working backwards through the routers. The malicious traffic is blocked during the process of detecting the botmaster router by router.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007)

自引率

0.00%

发文量