| 基于HoneyClient蜜罐的挂马检测 |
| |
| 引用本文: | 陈凌,王轶骏,薛质.基于HoneyClient蜜罐的挂马检测[J].信息安全与通信保密,2010(5):75-77. |
| |
| 作者姓名: | 陈凌 王轶骏 薛质 |
| |
| 作者单位: | 上海交通大学信息安全工程学院,上海,200240 |
| |
| 摘 要: | 针对当前互联网客户端攻击频发的态势,首先阐述了基于本地程序漏洞的客户端攻击概念,着重讲解了网站挂马攻击的特征。其次阐明了客户端蜜罐系统的基本原理,并介绍了一种高效的客户端蜜罐系统HoneyClient。随后通过对网站挂马攻击的特征分析提出了使用HoneyClient对其进行有效检测的方案,并对该方案进行了事实验证。最后通过对实验结果的分析与总结,提出了对网页木马型客户端攻击进行检测的改进策略和展望。
|
| 关 键 词: | 客户端攻击 客户端蜜罐 网站挂马 蜜罐 |
Detection of Web-site with Trojan Based on HoneyClient |
| |
| CHEN Ling,WANG Yi-jun,XUE Zhi.Detection of Web-site with Trojan Based on HoneyClient[J].China Information Security,2010(5):75-77. |
| |
| Authors: | CHEN Ling WANG Yi-jun XUE Zhi |
| |
| Affiliation: | CHEN Ling,WANG Yi-jun,XUE Zhi (Institute of Information Security Engineering,Shanghai Jiaotong University,Shanghai 200240,China) |
| |
| Abstract: | As client-side attacks occur frequently on the Internet,this article describes the concept of client-side attacks based on local-program vulnerabilities,and focuses on the characteristics of Web Trojan attacks. Then it,clarifi es the basic principles of the client-side honeypot system,and gives an effi cient client-side honeypot system HoneyClient. Then in the light of characteristic analysis on Web Trijan,it presents an effective Web Trojan detection scheme based on HoneyClient. The effi ciency of this sch... |
| |
| Keywords: | client-side attacks client-side honeypot Web Trojan HoneyClient |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
