Front. Inform. Technol. Electron. Eng.  2014, Vol. 15 Issue (11): 943-983    DOI: 10.1631/jzus.C1300242
    
Botnet detection techniques: review, future trends, and issues
Ahmad Karim, Rosli Bin Salleh, Muhammad Shiraz, Syed Adeel Ali Shah, Irfan Awan, Nor Badrul Anuar
Faculty of Computer Science and Information Technology, University of Malaya, Kuala Lumpur, Malaysia; Department of Computer Science, University of Bradford, Bradford BD7 1DP, UK
Abstract: In recent years, the Internet has enabled access to widespread remote services in the distributed computing environment; however, integrity of data transmission in the distributed computing platform is hindered by a number of security issues. For instance, the botnet phenomenon is a prominent threat to Internet security, including the threat of malicious codes. The botnet phenomenon supports a wide range of criminal activities, including distributed denial of service (DDoS) attacks, click fraud, phishing, malware distribution, spam emails, and building machines for illegitimate exchange of information/materials. Therefore, it is imperative to design and develop a robust mechanism for improving the botnet detection, analysis, and removal process. Currently, botnet detection techniques have been reviewed in different ways; however, such studies are limited in scope and lack discussions on the latest botnet detection techniques. This paper presents a comprehensive review of the latest state-of-the-art techniques for botnet detection and figures out the trends of previous and current research. It provides a thematic taxonomy for the classification of botnet detection techniques and highlights the implications and critical aspects by qualitatively analyzing such techniques. Related to our comprehensive review, we highlight future directions for improving the schemes that broadly span the entire botnet detection research field and identify the persistent and prominent research challenges that remain open.
Key words: Botnet detection    Anomaly detection    Network security    Attack    Defense    Taxonomy
Received: 2013-08-31 Published: 2014-11-07
CLC:  TP393.08  

Cite this article:

Ahmad Karim, Rosli Bin Salleh, Muhammad Shiraz, Syed Adeel Ali Shah, Irfan Awan, Nor Badrul Anuar. Botnet detection techniques: review, future trends, and issues. Front. Inform. Technol. Electron. Eng., 2014, 15(11): 943-983.

Link to this article:

http://www.zjujournals.com/xueshu/fitee/CN/10.1631/jzus.C1300242
http://www.zjujournals.com/xueshu/fitee/CN/Y2014/V15/I11/943
