中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/48549
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 80990/80990 (100%)
造访人次 : 41899095      在线人数 : 1201
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/48549


    题名: 使用OpenFlow Switch分析偵測殭屍網路;Botnet Traffic Analysis and Dectection by Using OpenFlow Switch
    作者: 黃勝獅;Sheng-shi Huang
    贡献者: 資訊工程研究所
    关键词: OpenFlow Switch;殭屍網路;網路安全;OpenFlow Switch;Network security;Botnet
    日期: 2011-08-30
    上传时间: 2012-01-05 14:57:39 (UTC+8)
    摘要: 殭屍網路,又稱魁儡網路,病毒會隨著e-mail、網址、通訊軟體、隨身碟及電腦漏洞,侵入電腦,並偽裝成一般的程式,使用者電腦通常在不知情的狀況下感染,電腦被感染後,會主動與駭客所設置的控制伺服器連線,當建立完連線之後,駭客就可以透過遠端遙控並從事惡意的行為。 殭屍網路早期主要是透過IRC通訊協定來作溝通,但由於其之前太過普及,大部分的公司都會直接將此通訊協定擋在防火牆之外,為了穿越防火牆,許多殭屍網路進而轉以HTTP及P2P協定來作溝通,本篇以HTTP的botnet病毒為研究重心,透過使用史丹佛大學開發的NetFPGA 搭配openflow switch的平台,藉其擁有快速導向的功能及虛擬網路的優點,可實際分析電腦感染後的行為,並將HTTP based 殭屍網路的控制方法找出,透過openflow switch的協助,通知受感染的使用者解毒,阻斷其與駭客之間的聯繫。 Botnet, also known as Zombie Network. Virus with the e-mail, website, communication software, USB device and computer vulnerabilities, hacking the computers and disguising as ordinary program, computer users often unknowingly infected. If the computer is infected as a botnet member, the victim computer will active set the hacker’s connection with Control & Command server. When the connection is set up completed, the hacker can remotely control and engage in malicious behavior. Botnets in the early days through IRC protocol for communication, as early too popular ,most companies will directly block the protocol outside the firewall, in order to pass through the firewall, Many botnet then transferred to HTTP and P2P protocol to communicate. This article focus on HTTP botnet virus, through the use of Stanford University developed NetFPGA with OpenFlow Switch platform, due to the OpenFlow switch has quick redirection and advantages of the virtual network, it can be the actual analysis of the behavior of infected computer and find out HTTP based botnet control methods, through OpenFlow Switch assistance ,notify the affected user ,blocking it with the link between hacker.
    显示于类别:[資訊工程研究所] 博碩士論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    index.html0KbHTML636检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明