Design and Implementation of a Weibo Social Bot
Published: 2018-05-11 10:56
Topics: malicious code + botnet; Reference: Jilin University, 2014 master's thesis
[Abstract]: As botnets have evolved, a new kind of bot, the social bot, is spreading rapidly. Unlike a traditional bot, a social bot runs its command and control channel over a social platform. Weibo is one of China's largest social platforms, with hundreds of millions of users. As the number of Weibo users grows, a large volume of messages is published on the platform, and once an attacker takes control of user accounts the result is serious harm to both the platform and its users. Similar cases have already been confirmed on the well-known foreign social platforms Facebook and Twitter, such as the Koobface botnet found on Facebook and the Nazbot botnet found on Twitter.

In the face of the growing botnet threat, researchers have proposed a variety of social bot detection methods. The social botnets seen so far are concentrated on the Facebook, Twitter and MySpace platforms, while there is little botnet research on Weibo. Most researchers analyze spam, fake accounts and similar phenomena on Weibo, and this spam and these fake accounts may be produced by bot programs. Studying how a social bot behaves on the host is therefore especially important for detecting and removing bot programs from the host.

To better study the structure and principles of social bots and how they differ from traditional bots, and thereby to detect social bots on user hosts effectively, this thesis builds a social botnet on the Weibo platform. A Weibo account publishes the bot control commands and the Weibo platform serves as the command and control channel. Each controlled host uses a personal Weibo account and the open API provided by Weibo to obtain the commands, and then produces the corresponding behavior on the host or on the Weibo platform. The social bot can spread spam by compromising Weibo users, and uses email to deliver stolen private user information.

The main functions of the Weibo bot are divided into host activity and network activity. Host activity includes querying the system MAC address, browsing web pages, obtaining network card information, shutting down, restarting, taking screenshots, uploading users to the bot master host, executing a command that runs a specified file, and modifying the email sending and receiving addresses. Network activity includes logging in to the platform, fetching the bot controller's latest Weibo message, updating the user's Weibo status, and obtaining follower information for the user's Weibo account. The social bot in this thesis serves only as a proof of concept; it will not be open-sourced or used for commercial purposes.
[Degree-granting institution]: Jilin University
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 1873665
Article link: http://sikaile.net/guanlilunwen/ydhl/1873665.html