English  |  正體中文  |  简体中文  |  Items with full text/Total items : 67621/67621 (100%)
Visitors : 23099752      Online Users : 261
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/9638


    Title: 透過封包分析偵測並瓦解僵屍網路;Botnet Detection and Collapse based on Traffic Analysis
    Authors: 陳天豪;Tian-Hao Chen
    Contributors: 資訊工程研究所
    Keywords: 網際網路中繼聊天;僵屍;僵屍網路;域名轉向;網路安全;IRC;bot;botnet;DNS hijacking;network security
    Date: 2009-01-16
    Issue Date: 2009-09-22 11:52:23 (UTC+8)
    Publisher: 國立中央大學圖書館
    Abstract: 現今的電腦網路安全正面臨到木馬、蠕蟲、分散式阻斷服務攻擊與廣告釣魚信件的威脅,而在背後支撐起這些恐怖力量的正是Botnet,也就是所謂的僵屍網路。 僵屍網路是由傳統的惡意程式進化來的新型態攻擊方式,特色在於提供了攻擊者隱密、有彈性且能夠一對多的操控僵屍進行任務。僵屍網路主要是透過IRC 通訊協定來做溝通,本文便以IRC的Botnet病毒為研究重心,透過域名轉向技術將中了僵屍網路病毒的電腦匯集在一起,阻斷與駭客之間的聯繫,再配合封包解析把控制僵屍的方法找出,以協助這些被駭客操控的電腦解毒。實驗結果證實我們的方法可行,不但成功將的把中了僵屍病毒的電腦匯集起來,還找到了協助他們解毒的辦法。 A group of bots, referred to as a botnet, is remotely controllable by a server and can be used for sending spam mails, stealing personal information, and launching DDoS attacks. Botnets are evolved from malicious program, its features are providing the attacker secret, flexibility and very powerful capability. IRC is the most common botnet commend and control mechanism because it is scalable and easy to hide within. So in this paper, we focus on the IRC-based virus, using DNS hijacking technology to converge computers infected with botnet virus, this way is to monopolize the connection between hackers. Then figure out hackers how to control bots via traffic analysis. Our results show that bots traffic can be filtering and redirection, and we also can give bot client assistance in clean virus up.
    Appears in Collections:[資訊工程研究所] 博碩士論文

    Files in This Item:

    File SizeFormat
    0KbUnknown563View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback  - 隱私權政策聲明