中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/61002
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 83776/83776 (100%)
Visitors : 59453523      Online Users : 1324
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://ir.lib.ncu.edu.tw/handle/987654321/61002


    Title: 主動式傳播殭屍網路防禦機制;A Defense Mechanism for the Active Spread of Botnet
    Authors: 葉奇鑫;Yeh,Chi-Hsin
    Contributors: 資訊工程學系
    Keywords: 殭屍網路;主動式入侵;誘捕系統;解毒;殭屍網路傳播;Bot;Botnet;Active intrusion;Honeypot;Active spread of botnet
    Date: 2013-07-30
    Issue Date: 2013-08-22 12:09:18 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 殭屍網路是目前最嚴重的資訊安全威脅之一,原因在於殭屍網路是結合多種惡意程式特色的攻擊手法,攻擊者具有高度隱密性並能同時一對多來操控整個殭屍網路進行惡意行為,所以越來越多的攻擊者把攻擊的目標轉向於殭屍網路,也使得殭屍病毒程式不斷的改進加強。
    根據不同殭屍病毒入侵受害者電腦的方式不同,可將入侵方式分成主動式與被動式兩類型,主動式是指攻擊者去利用漏洞入侵到受害者電腦,並取得權限去安裝惡意程式,這類的情況屬於攻擊者方主動發動攻擊的,受害者電腦是在無知的狀況。被動式是指受害者在攻擊者的誘騙下點擊安裝了惡意程式成為殭屍網路受害者,此類發生的原因大多取決於受害者的不良習慣所致,因為操作習慣難以短期間改變,往往容易在清毒之後短時間內又成為殭屍網路受害者,這說明了被動式誘騙的殭屍網路是難以防範的。因此,我們將針對主動式入侵攻擊的方式提出防禦機制,利用動態延伸蜜罐誘捕系統(Dynamic Extensible Two-way Honeypot)機制提供連上特殊的偽造C&C伺服器來作為解毒的方法以防止主動式殭屍網路的傳播。
    Botnet is one of the most serious security threats. Because the zombie network is a combination of a variety of unique malware attack techniques, attackers not only can hidden themselves but also can control multiple bots to do many malicious behaviors. So more and more attackers turn their target on botnets, they continuously improve and enhance botnet malware.Depending on the invasive ways of botnet malware, we can divide invasive ways into two types: active and passive ways. For the latter, victims install and execute the botnet malware by themselves, because they have a bad habit of network usage. Even if their computers have been cleared the malware, they are likely to be a bot again in a short time. It explains the passive decoy botnet is difficult to prevent. We will focus on the defense mechanism of active intrusion, and we use dynamic extensible honeypot system to provide a special connection to the server and remove malwares to prevent the active spread of botnet.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML720View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明