中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/48549
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41898267      Online Users : 1385
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/48549


    Title: 使用OpenFlow Switch分析偵測殭屍網路;Botnet Traffic Analysis and Dectection by Using OpenFlow Switch
    Authors: 黃勝獅;Sheng-shi Huang
    Contributors: 資訊工程研究所
    Keywords: OpenFlow Switch;殭屍網路;網路安全;OpenFlow Switch;Network security;Botnet
    Date: 2011-08-30
    Issue Date: 2012-01-05 14:57:39 (UTC+8)
    Abstract: 殭屍網路,又稱魁儡網路,病毒會隨著e-mail、網址、通訊軟體、隨身碟及電腦漏洞,侵入電腦,並偽裝成一般的程式,使用者電腦通常在不知情的狀況下感染,電腦被感染後,會主動與駭客所設置的控制伺服器連線,當建立完連線之後,駭客就可以透過遠端遙控並從事惡意的行為。 殭屍網路早期主要是透過IRC通訊協定來作溝通,但由於其之前太過普及,大部分的公司都會直接將此通訊協定擋在防火牆之外,為了穿越防火牆,許多殭屍網路進而轉以HTTP及P2P協定來作溝通,本篇以HTTP的botnet病毒為研究重心,透過使用史丹佛大學開發的NetFPGA 搭配openflow switch的平台,藉其擁有快速導向的功能及虛擬網路的優點,可實際分析電腦感染後的行為,並將HTTP based 殭屍網路的控制方法找出,透過openflow switch的協助,通知受感染的使用者解毒,阻斷其與駭客之間的聯繫。 Botnet, also known as Zombie Network. Virus with the e-mail, website, communication software, USB device and computer vulnerabilities, hacking the computers and disguising as ordinary program, computer users often unknowingly infected. If the computer is infected as a botnet member, the victim computer will active set the hacker’s connection with Control & Command server. When the connection is set up completed, the hacker can remotely control and engage in malicious behavior. Botnets in the early days through IRC protocol for communication, as early too popular ,most companies will directly block the protocol outside the firewall, in order to pass through the firewall, Many botnet then transferred to HTTP and P2P protocol to communicate. This article focus on HTTP botnet virus, through the use of Stanford University developed NetFPGA with OpenFlow Switch platform, due to the OpenFlow switch has quick redirection and advantages of the virtual network, it can be the actual analysis of the behavior of infected computer and find out HTTP based botnet control methods, through OpenFlow Switch assistance ,notify the affected user ,blocking it with the link between hacker.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML636View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明