Key technologies of new malicious code developments and defensive measures in communication networks

doi:10.1016/S1005-8885(09)60490-8

Acta Metallurgica Sinica(English letters) ›› 2010, Vol. 17 ›› Issue (4): 69-73.doi: 10.1016/S1005-8885(09)60490-8

• Wireless • Previous Articles Next Articles

Key technologies of new malicious code developments and defensive measures in communication networks

LI Peng, WANG Ru-chuan ,ZHANG Wei

College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China

Received:2009-08-17 Revised:2010-02-01 Online:2010-08-30 Published:2010-08-31
Supported by:
This work was supported by the National Natural Science Foundation of China (60973139, 60773041), the Natural Science Foundation of Jiangsu Province (BK2008451), the Hi-Tech Research and Development Program of China (2007AA01Z404, 2007AA01Z478), Foundation of National Laboratory for Modern Communications (9140C1105040805), the Postdoctoral Foundation (0801019C, 20090451240, 20090451241), the Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province (CX08B-085Z, CX08B-086Z), and the Six Kinds of Top Talent of Jiangsu Province (2008118).

Abstract

Abstract:

This article is focused on analyzing the key technologies of new malicious code and corresponding defensive measures in the large-scale communication networks. Based on description of the concepts and development of the malicious code, the article introduces the anti-analysis technology, splitting and inserting technology, hiding technology, polymorph virus technology, and auto production technology of the malicious code trends with intelligence, diversity and integration. Following that, it summarizes the security vulnerabilities of communication networks from four related layers aspects, according to the mechanisms of malicious code in the communication networks. Finally, it proposes rapid response disposition of malicious code attacks from four correlated steps: building up the network node monitoring system, suspicious code feature automation analysis and extraction, rapid active malicious code response technique for unknown malicious code, and malicious code attack immunity technique. As a result, it actively defenses against the unknown malicious code attacks and enhances the security performance of communication networks.

Key words:

network security, malicious code, network attack and defense, malicious code defense

LI Peng, WANG Ru-chuan ,ZHANG Wei. Key technologies of new malicious code developments and defensive measures in communication networks[J]. Acta Metallurgica Sinica(English letters), 2010, 17(4): 69-73.

References

1. Cohen F. Computer viruses. Los Angeles, CA, USA: University of Southern California, 1987: 22-35

2. Cohen F. Computational aspects of computer viruses. Computers & Security, 1989, 8(4): 325-344

3. Grimes R A. Malicious mobile code: virus protection for windows. Sebastopol, CA, USA: O'Reilly & Associates, 2001: 2-3

4. Spafford E H. The Internet worm program: an analysis. Technical Report, CSD-TR-823. West Lafayette, IA, USA: Department of Computer Science Purdue University. 1988: 1-29

5. Kienzle D M, Elder M C. Recent worms: a survey and trends. Proceedings of the 2003 ACM Workshop on Rapid Malcode (WORM’03), Oct 27, 2003, Washington, DC, USA. New York, NY, USA: ACM, 2003: 1-10

6. Zhuge J W, Holz T, Song C Y, et al. Studying malicious websites and the underground economy on the Chinese Web. Proceedings of the 7th Workshop on the Economics of Information Security (WEIS’08), Jun 25-27, 2008, Hanover, NH, USA. New York, NY, USA: Springer- Verlag, 2009: 225-244

7. Han L S, Han S X, Yang M. The epidemic threshold of a more general epidemic spreading model for network viruses. Proceedings of the 3rd IEEE Conference on Natural Computation (ICNC’07), Aug 24-27, 2007, Haikou, China. Los Alamitos, CA, USA: IEEE Computer Society, 2007: 66-69

8. Greg H, James B. Rootkits: Subverting the Windows kernel. Boston, MA, USA: Addison Wesley, 2005: 57-64

9. Sun J H, Qin J Z, Chen S, et al. A virus immunization model based on communities in large scale networks. Proceedings of International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD’07): Vol 3, Jul 30-Aug 1, 2007, Qingdao, China. Piscataway, NJ, USA: IEEE, 2007: 917-922

10. Wen W P. Research on mechanism and defense of malicious code. Ph. D thesis. Beijing, China: Institute of Software Chinese Academy of Sciences, 2004: 40-53 (in Chinese)

11. Qing S H, Wen W P.A survey and trends on Internet worms. Computers & Security. 2005, 24(4): 334-346

12. Quittek J, Niccolini S, Tartarelli S, et al. On spam over Internet telephony (SPIT) prevention. IEEE Communications Magazine, 2008, 46(8): 80-86

13. McClure S, Scambray J, Kurtz G. Hacking exposed: network security secrets and solutions. 4th ed. New York, NY, USA: McGraw-Hill, 2003: 452-453

14. Anagnostakis K G, Ioannidis S, Miltchev S, et al. Efficient packet monitoring for network management. Proceedings of the 8th IEEE/ IFIP Network Operations and Management Symposium (NOMS’05), April 15-19, 2005, Florence, Italy. Piscataway, NJ, USA: IEEE, 2005: 15p

15. Hwang S J, Chen K H. A proxy automatic signature scheme using a compiler in distributed systems for (unknown) virus detection. Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA’05), Mar 28-30, 2005, Taipei, China. Piscataway, NJ, USA: IEEE, 2005: 649-654

16. Wang J H, Deng P S, Fan Y S, et al. Virus detection using data mining techinques. Proceedings of the IEEE 37th Annual International Carnahan Conference on Security Technology (CCST’03), Oct 14-16, 2003, Taipei, China. Piscataway, NJ, USA: IEEE, 2003: 71-76

17. Oh S Y, Cornell B, Smith D, et al. Rapid detection of influenza a virus in clinical samples using an ion channel switch biosensor. Biosensors and Bioelectronics. 2008, 23(7): 1161-1165

18. Li T, Liu X J, Li H B. An immune-based model for computer virus detection. Proceedings of the 4th International Conference on Cryptology and Network Security (CANS’05), Dec 14-16, Xiamen, China. LNCS 3810. Berlin, Germany: Springer-Verlag, 2005: 59-71

19. Case J, Samuel E I. Cautious virus detection in the extreme. Proceedings of the 2007 ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS’07), Jun 14, 2007, San Diego, CA, USA. New York, NY, USA: ACM, 2007: 47-52

20. Hu H P, Liang X, Zhang B L. Proactive-defense network transmission system. Acta Electronica Sinica, 2005, 33(4): 701-705 (in Chinese)

Metrics

Comments

Copyright © 2020 The Journal of China Universities of Posts and Telecommunications
　 Adress: P.O. Box 231,Beijing University of Posts and Telecommunications,10 Xi Tucheng Road,Beijing 100876,P.R.China　Post Code: 100081
Tel：86-010-62282493　Fax： 86-010-62283461　E-mail: jchupt@bupt.edu.cn
Support by: Beijing Magtech Co.Ltd

Key technologies of new malicious code developments and defensive measures in communication networks

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 0

Recommended Articles

Metrics

Comments