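Abstract
In the ubiquitous network environment, devices of all kinds are at an early stage of intelligence and have numerous security problems. At the same time, users' security awareness has not improved in step with the growing intelligence of devices. Together with the interconnected nature of ubiquitous networks, these factors give malicious code enormous room to survive, spread, and evolve. The botnet, one of the most effective traditional network attack methods, has changed in both its form and its command and control mechanisms in the ubiquitous network environment, which presents defenders with new security challenges. Building on an understanding of the characteristics of the ubiquitous network environment, this paper gives a formal definition of the ubiquitous botnet and provides a comprehensive introduction to it in terms of its mechanisms and characteristics, construction process, and technical means. In chronological order, the development of ubiquitous botnets is divided into three stages: the PC attack stage, the mobile phone attack stage, and the broad attack stage. The core technical details used by ubiquitous botnets are analyzed from three perspectives: propagation and infection techniques, survival and persistence techniques, and control and management techniques. The paper summarizes the main current defensive countermeasures against ubiquitous botnets and offers an outlook on possible future research hotspots.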
The current devices in ubiquitous networks are in the early stage of intelligence, resulting in many security issues. In addition, the universally low security consciousness among users and the connectivity of ubiquitous networks provide a huge space for malicious code's survival, propagation and development. The botnet is one of the most effective attack platforms. However, as its forms and command and control mechanisms change in the ubiquitous network environment, there are new challenges for defenders. This paper, on the basis of making clear the features of the ubiquitous network environment, gives the formal definition of the ubiquitous botnet, and makes a comprehensive introduction of its mechanism, build process and core technology. Moreover, the paper divides the development of the ubiquitous botnet into three stages in chronological order, namely, attacks on PCs, attacks on phones and extensive attacks, and analyzes the technical details from the perspectives of spreading infection, survival ability and control management. After a summary of the present defensive countermeasures, possible future attempts are presented.
Authors
Wu Di
Cui Xiang
Liu Qixu
Zhang Fangjiao
WU Di; CUI Xiang; LIU Qixu; ZHANG Fangjiao (1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; 2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China; 3. Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou Guangdong 510006, China)
Source
《信息网络安全》
CSCD
Peking University Core Journal
2018, Issue 7, pp. 16-28 (13 pages)
Netinfo Security
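Funding
National Key Research and Development Program of China [2016YFB0801604]
Dongguan Innovative Research Team Program [201636000100038]
Funded by the Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences, and the Beijing Key Laboratory of Network Security and Protection Technology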
Keywords
ubiquitous network
botnet
command and control channel (C&C channel)