Conference: Information Reuse and Integration, 2007 IEEE International Conference on

Towards Practical Framework for Collecting and Analyzing Network-Centric Attacks


Abstract

Since nearly the beginning of the Internet, malware has been a significant deterrent to productivity for end-users, both personal and business related. A particular malware, known as a bot, can create networks of compromised machines called botnets, which are some of the most threatening adversaries over the Internet due in large part to the difficulty of identifying botnet traffic patterns. We have witnessed that existing signature-based detection and protection methods are ineffective, when used alone, in dealing with new unknown bots. In this paper, we introduce a risk-aware network-centric management framework to detect and prevent targeted botnet attacks as well as propagation attempts within the network. As the first step in that direction we focus on learning more information about the bots by identifying malicious characteristics through the network traffic. Once we have their characteristics we then decide whether or not those characteristics present a significant risk to the network that is being protected by our architecture. Using risk as a factor in the decision process helps identify the bots more systematically. We present two scenarios that describe the risk-aware process and show that our framework shows great promise.
