English  |  正體中文  |  简体中文  |  Items with full text/Total items : 26362/26959 (98%)
Visitors : 11325951      Online Users : 294
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version

    Please use this identifier to cite or link to this item: http://ir.lib.ksu.edu.tw/handle/987654321/14591

    Title: 殭屍網路監控平台之開發
    其他題名: The Development of Botnet Monitoring Platform
    Authors: 呂育華
    Yu-Hua Lu
    指導教授: 王平
    Keywords: 殭屍網路;殭屍電腦;監控平台;網路安全
    Botnet;Zombie;Monitoring platform;Network security
    Date: 2011
    Issue Date: 2011-10-04 23:13:16 (UTC+8)
    Abstract: 隨著科技創新,殭屍網路(Botnet),為目前最新式的網路攻擊型態,其透過其電子郵件、通訊軟體、或利用電腦系統漏洞等方式,將殭屍病毒(Bot)隱藏於應用程式或網頁中,以植入受害主機,造成大量使用者主機感染形成殭屍電腦(zombie),以執行惡意任務。每台殭屍電腦會通過特定協定,例如HTTP、SSH或 P2P與殭屍網路的控制中心建立連接,接受來自控制中心的控制指令,造成阻斷服務、濫發電子郵件甚至偷竊個人隱私資訊等網路犯罪。本研究發展一套殭屍網路之監控平台,能夠檢查遠端主機,蒐集及記錄受監控主機的感染狀況、網路流量,當受監控主機感染殭屍病毒時,進行數位解藥派送,並將解毒後的即時系統記錄回報至監控平台;若發生資安緊急情況,可遠端中斷網路連線,並發送警告訊息給網路管理者,強化網路安全防護並大幅降低網路管理的負擔。
    Nowadays, botnet has become a new type of network attack via the use of e-mail, social network or host vulnerability that downloads bots into the infected computers. As a result, many infected hosts (i.e., zombie) have been taken over by hackers in order to perform malicious tasks. Hackers used botnet to and Zombies can be manipulated by distinct protocols such as http, ssh or p2p from Command & Control center (C&C) that leads to serious threats, for example, DDOS, SPAM and steal business information. The present study develops a botent monitoring platform to check the remote hosts, collect the abnormal behaviors of zombie and monitor the network flow. When detected the malicious behaviors of bot from suspicious hosts, the platform will send the digital antidote to recover as well as report the real-time status of hosts back to the platform via system logs. Two real-cases are conducted to show that the proposed approach can effectively monitor the botnets, distribute the digital antidote and rapidly cut the inbound/outbound of network connections that enhance the network security protection and lower the loading in network management by sending the alert message to manager.
    Appears in Collections:[資訊管理系所] 博碩士論文

    Files in This Item:

    File Description SizeFormat
    ksu-100-G980Q001-1.pdf2890KbAdobe PDF107View/Open

    All items in KSUIR are protected by copyright, with all rights reserved.

    ©Kun Shan University Library and Information Center
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback