Research on Botnet Behavior Analysis and Attack Prevention


Bibliographic Details
Main Authors: Chang, Po-Cheng, 張博誠
Other Authors: Lee, Chong-Yen
Format: Others
Language: zh-TW
Published: 2014
Online Access: http://ndltd.ncl.edu.tw/handle/b5bt73
Description
Summary: Master's === Chinese Culture University === Department of Information Management === 103 === Because P2P transmission software is in common use, Botnet masters apply the distributed point-to-point characteristics of P2P to Botnets to conduct attacks. Current researchers have focused on methods that use packet flow information to detect Botnet viruses. The paper analyzes Botnet DDoS and data-stealing behaviors. First, Botnet DDoS quantitative association rules are generated based on network flow information of six different categories. Second, data-stealing behavior patterns are built using string matching and a decision tree technique based on communication commands. The Botnet DDoS quantitative association rules and data-stealing behavior patterns are then applied to discover viruses. In the virus blocking system, the system disables an application program's network connection once a virus in the program is identified. Accuracies of identifying Botnet viruses, non-Botnet viruses, and both are 100%, 75% and 93.7% respectively. The accuracy of identifying normal application programs is 100%.