Key technologies of new malicious code developments and defensive measures in communication networks

doi:10.1016/S1005-8885(09)60490-8

中国邮电高校学报(英文) ›› 2010, Vol. 17 ›› Issue (4): 69-73.doi: 10.1016/S1005-8885(09)60490-8

• Artificial Intelligence • 上一篇下一篇

Key technologies of new malicious code developments and defensive measures in communication networks

李鹏,张伟,王汝传

College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

收稿日期:2009-08-17 修回日期:2010-02-01 出版日期:2010-08-30 发布日期:2010-08-31
通讯作者: 王汝传 E-mail:wangrc@njupt.edu.cn
基金资助:
This work was supported by the National Natural Science Foundation of China (60973139, 60773041), the Natural Science Foundation of Jiangsu Province (BK2008451), the Hi-Tech Research and Development Program of China (2007AA01Z404, 2007AA01Z478), Foundation of National Laboratory for Modern Communications (9140C1105040805), the Postdoctoral Foundation (0801019C, 20090451240, 20090451241), the Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province (CX08B-085Z, CX08B-086Z), and the Six Kinds of Top Talent of Jiangsu Province (2008118).

Key technologies of new malicious code developments and defensive measures in communication networks

LI Peng, WANG Ru-chuan ,ZHANG Wei

College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

Received:2009-08-17 Revised:2010-02-01 Online:2010-08-30 Published:2010-08-31
Supported by:
This work was supported by the National Natural Science Foundation of China (60973139, 60773041), the Natural Science Foundation of Jiangsu Province (BK2008451), the Hi-Tech Research and Development Program of China (2007AA01Z404, 2007AA01Z478), Foundation of National Laboratory for Modern Communications (9140C1105040805), the Postdoctoral Foundation (0801019C, 20090451240, 20090451241), the Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province (CX08B-085Z, CX08B-086Z), and the Six Kinds of Top Talent of Jiangsu Province (2008118).

摘要/Abstract

摘要：

This article is focused on analyzing the key technologies of new malicious code and corresponding defensive measures in the large-scale communication networks. Based on description of the concepts and development of the malicious code, the article introduces the anti-analysis technology, splitting and inserting technology, hiding technology, polymorph virus technology, and auto production technology of the malicious code trends with intelligence, diversity and integration. Following that, it summarizes the security vulnerabilities of communication networks from four related layers aspects, according to the mechanisms of malicious code in the communication networks. Finally, it proposes rapid response disposition of malicious code attacks from four correlated steps: building up the network node monitoring system, suspicious code feature automation analysis and extraction, rapid active malicious code response technique for unknown malicious code, and malicious code attack immunity technique. As a result, it actively defenses against the unknown malicious code attacks and enhances the security performance of communication networks.

关键词:

network security, malicious code, network attack and defense, malicious code defense

Abstract:

Key words:

network security, malicious code, network attack and defense, malicious code defense

LI Peng, WANG Ru-chuan ,ZHANG Wei. Key technologies of new malicious code developments and defensive measures in communication networks[J]. Acta Metallurgica Sinica(English letters), 2010, 17(4): 69-73.

参考文献

1. Cohen F. Computer viruses. Los Angeles, CA, USA: University of Southern California, 1987: 22-35

2. Cohen F. Computational aspects of computer viruses. Computers & Security, 1989, 8(4): 325-344

3. Grimes R A. Malicious mobile code: virus protection for windows. Sebastopol, CA, USA: O'Reilly & Associates, 2001: 2-3

4. Spafford E H. The Internet worm program: an analysis. Technical Report, CSD-TR-823. West Lafayette, IA, USA: Department of Computer Science Purdue University. 1988: 1-29

5. Kienzle D M, Elder M C. Recent worms: a survey and trends. Proceedings of the 2003 ACM Workshop on Rapid Malcode (WORM’03), Oct 27, 2003, Washington, DC, USA. New York, NY, USA: ACM, 2003: 1-10

6. Zhuge J W, Holz T, Song C Y, et al. Studying malicious websites and the underground economy on the Chinese Web. Proceedings of the 7th Workshop on the Economics of Information Security (WEIS’08), Jun 25-27, 2008, Hanover, NH, USA. New York, NY, USA: Springer- Verlag, 2009: 225-244

7. Han L S, Han S X, Yang M. The epidemic threshold of a more general epidemic spreading model for network viruses. Proceedings of the 3rd IEEE Conference on Natural Computation (ICNC’07), Aug 24-27, 2007, Haikou, China. Los Alamitos, CA, USA: IEEE Computer Society, 2007: 66-69

8. Greg H, James B. Rootkits: Subverting the Windows kernel. Boston, MA, USA: Addison Wesley, 2005: 57-64

9. Sun J H, Qin J Z, Chen S, et al. A virus immunization model based on communities in large scale networks. Proceedings of International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD’07): Vol 3, Jul 30-Aug 1, 2007, Qingdao, China. Piscataway, NJ, USA: IEEE, 2007: 917-922

10. Wen W P. Research on mechanism and defense of malicious code. Ph. D thesis. Beijing, China: Institute of Software Chinese Academy of Sciences, 2004: 40-53 (in Chinese)

11. Qing S H, Wen W P.A survey and trends on Internet worms. Computers & Security. 2005, 24(4): 334-346

12. Quittek J, Niccolini S, Tartarelli S, et al. On spam over Internet telephony (SPIT) prevention. IEEE Communications Magazine, 2008, 46(8): 80-86

13. McClure S, Scambray J, Kurtz G. Hacking exposed: network security secrets and solutions. 4th ed. New York, NY, USA: McGraw-Hill, 2003: 452-453

14. Anagnostakis K G, Ioannidis S, Miltchev S, et al. Efficient packet monitoring for network management. Proceedings of the 8th IEEE/ IFIP Network Operations and Management Symposium (NOMS’05), April 15-19, 2005, Florence, Italy. Piscataway, NJ, USA: IEEE, 2005: 15p

15. Hwang S J, Chen K H. A proxy automatic signature scheme using a compiler in distributed systems for (unknown) virus detection. Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA’05), Mar 28-30, 2005, Taipei, China. Piscataway, NJ, USA: IEEE, 2005: 649-654

16. Wang J H, Deng P S, Fan Y S, et al. Virus detection using data mining techinques. Proceedings of the IEEE 37th Annual International Carnahan Conference on Security Technology (CCST’03), Oct 14-16, 2003, Taipei, China. Piscataway, NJ, USA: IEEE, 2003: 71-76

17. Oh S Y, Cornell B, Smith D, et al. Rapid detection of influenza a virus in clinical samples using an ion channel switch biosensor. Biosensors and Bioelectronics. 2008, 23(7): 1161-1165

18. Li T, Liu X J, Li H B. An immune-based model for computer virus detection. Proceedings of the 4th International Conference on Cryptology and Network Security (CANS’05), Dec 14-16, Xiamen, China. LNCS 3810. Berlin, Germany: Springer-Verlag, 2005: 59-71

19. Case J, Samuel E I. Cautious virus detection in the extreme. Proceedings of the 2007 ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS’07), Jun 14, 2007, San Diego, CA, USA. New York, NY, USA: ACM, 2007: 47-52

20. Hu H P, Liang X, Zhang B L. Proactive-defense network transmission system. Acta Electronica Sinica, 2005, 33(4): 701-705 (in Chinese)

Key technologies of new malicious code developments and defensive measures in communication networks

Key technologies of new malicious code developments and defensive measures in communication networks

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价