The Journal of China Universities of Posts and Telecommunications (English edition), 2010, Vol. 17, Issue (4): 69-73. doi: 10.1016/S1005-8885(09)60490-8

• Artificial Intelligence •

Key technologies of new malicious code developments and defensive measures in communication networks

LI Peng, ZHANG Wei, WANG Ru-chuan

  1. College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China
  • Received: 2009-08-17 Revised: 2010-02-01 Online: 2010-08-30 Published: 2010-08-31
  • Corresponding author: WANG Ru-chuan, E-mail: wangrc@njupt.edu.cn
  • Supported by:

    This work was supported by the National Natural Science Foundation of China (60973139, 60773041), the Natural Science Foundation of Jiangsu Province (BK2008451), the Hi-Tech Research and Development Program of China (2007AA01Z404, 2007AA01Z478), Foundation of National Laboratory for Modern Communications (9140C1105040805), the Postdoctoral Foundation (0801019C, 20090451240, 20090451241), the Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province (CX08B-085Z, CX08B-086Z), and the Six Kinds of Top Talent of Jiangsu Province (2008118).

Abstract:

This article analyzes the key technologies of new malicious code and the corresponding defensive measures in large-scale communication networks. After describing the concepts and development of malicious code, it introduces the anti-analysis, splitting and inserting, hiding, polymorphic virus, and automatic production technologies of malicious code, which is trending toward intelligence, diversity and integration. It then summarizes the security vulnerabilities of communication networks across four related layers, according to the mechanisms of malicious code in communication networks. Finally, it proposes a rapid-response approach to malicious code attacks in four correlated steps: building a network node monitoring system, automated analysis and extraction of suspicious code features, a rapid active response technique for unknown malicious code, and a malicious code attack immunity technique. As a result, it actively defends against unknown malicious code attacks and enhances the security performance of communication networks.

Key words:

network security, malicious code, network attack and defense, malicious code defense
