本文選題：惡意代碼 + 僵尸網(wǎng)絡(luò)�。� 參考：《吉林大學(xué)》2014年碩士論文

【摘要】：隨著僵尸網(wǎng)絡(luò)的發(fā)展，一種新型的社交僵尸正迅速地傳播。相對于傳統(tǒng)僵尸，社交僵尸的命令與控制信道基于社交平臺。微博是中國最大的社交平臺之一，擁有數(shù)以億計的用戶。隨著微博用戶的增長，大量的微博消息發(fā)布到微博平臺上，然而當(dāng)黑客控制用戶賬戶后，會對微博平臺和用戶造成重大危害。類似的案例已在國外著名社交平臺——Facebook和Twitter上得到驗證，如Facebook上發(fā)現(xiàn)的koobface僵尸網(wǎng)絡(luò)，Twitter上發(fā)現(xiàn)的Nazbot僵尸網(wǎng)絡(luò)。 面對日益嚴(yán)重的僵尸網(wǎng)絡(luò)威脅，研究者提出多種社交僵尸檢測方法。目前出現(xiàn)的社交僵尸網(wǎng)絡(luò)主要集中在Facebook、Twitter和MySpace平臺，然而關(guān)于微博的僵尸網(wǎng)絡(luò)研究較少，大部分研究者主要分析微博上的垃圾信息、虛假賬戶等，而這些垃圾信息和虛假賬戶可能是僵尸程序產(chǎn)生。因此，，研究社交僵尸在主機(jī)內(nèi)的行為對于檢測及清除主機(jī)內(nèi)的僵尸程序尤為重要。 為了更好地研究社交僵尸的結(jié)構(gòu)、原理、與傳統(tǒng)僵尸的差異等，進(jìn)而有效地檢測用戶主機(jī)內(nèi)的社交僵尸。本文根據(jù)微博平臺建立一個社交僵尸網(wǎng)絡(luò)，通過一個微博賬戶發(fā)布僵尸控制命令，利用微博平臺作為命令與控制信道，受控的主機(jī)通過個人微博賬戶利用微博提供的開放API接口獲取命令，并在主機(jī)或微博平臺上產(chǎn)生相應(yīng)行為。該社交僵尸可以通過入侵微博用戶進(jìn)行垃圾信息的傳播，使用電子郵件傳遞竊取的用戶隱私信息。 微博僵尸的主要功能分為主機(jī)和網(wǎng)絡(luò)活動。主機(jī)活動包括查詢系統(tǒng)MAC地址、瀏覽網(wǎng)頁、獲取網(wǎng)卡信息、關(guān)機(jī)、重啟、截屏、上傳用戶到僵尸主控機(jī)、執(zhí)行指定文件的命令、修改郵件發(fā)送和接收地址。網(wǎng)絡(luò)活動包括登錄平臺、獲取僵尸控制者最新微博消息、更新用戶微博狀態(tài)、獲取用戶微博賬戶粉絲信息。本文中的社交僵尸只用作概念性驗證，不會開放源碼或用于商業(yè)用途。
[Abstract]:With the development of botnet, a new social botnet is spreading rapidly. Compared with traditional zombies, the command and control channel of social zombies is based on social platform. Weibo is one of China's largest social platforms, with hundreds of millions of users. With the growth of Weibo users, a large number of Weibo messages are published on Weibo platform. However, when hackers control user accounts, they will cause great harm to Weibo platform and users. Similar cases have been tested on Facebook and Twitter, the famous foreign social platforms, such as the koobface botnet found on Facebook and the Nazbot botnet found on Twitter. In the face of the increasing threat of botnet, researchers put forward a variety of social botnet detection methods. At present, social botnets mainly focus on Facebook Twitter and MySpace platforms, but there is little research on Weibo botnets. Most researchers mainly analyze spam on Weibo, false accounts, etc. And these spam and false accounts may be generated by zombie programs. Therefore, it is very important to study the behavior of social zombies in the host to detect and clear the zombie programs. In order to better study the structure and principle of social zombies and the differences with traditional zombies, social zombies in users' hosts can be detected effectively. This paper establishes a social botnet based on Weibo platform, issues botnet commands through a Weibo account, and uses Weibo platform as command and control channel. The controlled host obtains the command through the personal Weibo account using the open API interface provided by Weibo and generates the corresponding behavior on the host or Weibo platform. The social zombie can spread spam by invading Weibo users and use email to transmit stolen privacy information. The main functions of Weibo zombies are mainframe and network activity. Host activities include querying system MAC address, browsing web pages, obtaining network card information, shutdown, restart, screen capture, uploading users to zombie master, executing commands of specified files, modifying email sending and receiving addresses. Network activities include logging into the platform, getting the latest Weibo messages from zombie controllers, updating user Weibo status, and obtaining user Weibo account fan information. The social zombies in this article are used for conceptual validation only, not for open source or for commercial purposes.
【學(xué)位授予單位】：吉林大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前5條

1 方濱興;崔翔;王威;;僵尸網(wǎng)絡(luò)綜述[J];計算機(jī)研究與發(fā)展;2011年08期

2 王天佐;王懷民;劉波;史佩昌;;僵尸網(wǎng)絡(luò)中的關(guān)鍵問題[J];計算機(jī)學(xué)報;2012年06期

3 孫淑華,馬恒太,張楠,卿斯?jié)h,王曉翠;后門植入、隱藏與檢測技術(shù)研究[J];計算機(jī)應(yīng)用研究;2004年07期

4 李躍;翟立東;王宏霞;時金橋;;一種基于社交網(wǎng)絡(luò)的移動僵尸網(wǎng)絡(luò)研究[J];計算機(jī)研究與發(fā)展;2012年S2期

5 江健;諸葛建偉;段海新;吳建平;;僵尸網(wǎng)絡(luò)機(jī)理與防御技術(shù)[J];軟件學(xué)報;2012年01期

相關(guān)博士學(xué)位論文 前1條

1 夏虎;移動社交網(wǎng)絡(luò)結(jié)構(gòu)和行為研究及其應(yīng)用[D];電子科技大學(xué);2012年

本文編號：1873665