漫谈Domain Flux | 关注网络安全技术



漫谈Domain Flux | 关注网络安全技术

Domain Generation Algorithm(DGA)是一项古老但一直活跃的技术,是中心结构僵尸网络赖以生存的关键武器,该技术给打击和关闭该类型僵尸网络造成了不小的麻烦,研究人员需要快速掌握域名生成算法和输入,对生成的域名及时进行sinkhole。

背景
僵尸网络指攻击者(Botmaster)出于恶意目的,通过命令控制信道(C&C Channel)操控一群受害主机(Bots)所形成的攻击平台。通过该平台,攻击者可以发起多种常见攻击,包括DDoS、垃圾邮件、钓鱼攻击、点击欺诈、在线身份窃取、比特币挖掘/窃取、加密勒索等。
同传统恶意代码形态相比,僵尸网络的攻击实现依赖攻击者和受害主机之间的信息交互,即攻击者需要告知僵尸主机命令,僵尸主机才可发起相应的攻击,命令的下发通过命令控制信道实现,这是僵尸网络构建的核心,也是攻防双方博弈的关键点。
在早期中心结构的僵尸网络中,僵尸主机通常采用轮询的方法访问硬编码的C&C 域名或 IP来访问命令控制服务器,获取攻击者命令,由于硬编码的域名或IP固定且数量有限,防御人员通过逆向掌握该部分内容后可对该域名进行有效的屏蔽,阻断其命令控制途径,使其失去控制源并逐渐消亡。该种缺陷称之为中心节点失效(single-point-of-failure)。


Read full article from 漫谈Domain Flux | 关注网络安全技术


No comments:

Post a Comment

Labels

Algorithm (219) Lucene (130) LeetCode (97) Database (36) Data Structure (33) text mining (28) Solr (27) java (27) Mathematical Algorithm (26) Difficult Algorithm (25) Logic Thinking (23) Puzzles (23) Bit Algorithms (22) Math (21) List (20) Dynamic Programming (19) Linux (19) Tree (18) Machine Learning (15) EPI (11) Queue (11) Smart Algorithm (11) Operating System (9) Java Basic (8) Recursive Algorithm (8) Stack (8) Eclipse (7) Scala (7) Tika (7) J2EE (6) Monitoring (6) Trie (6) Concurrency (5) Geometry Algorithm (5) Greedy Algorithm (5) Mahout (5) MySQL (5) xpost (5) C (4) Interview (4) Vi (4) regular expression (4) to-do (4) C++ (3) Chrome (3) Divide and Conquer (3) Graph Algorithm (3) Permutation (3) Powershell (3) Random (3) Segment Tree (3) UIMA (3) Union-Find (3) Video (3) Virtualization (3) Windows (3) XML (3) Advanced Data Structure (2) Android (2) Bash (2) Classic Algorithm (2) Debugging (2) Design Pattern (2) Google (2) Hadoop (2) Java Collections (2) Markov Chains (2) Probabilities (2) Shell (2) Site (2) Web Development (2) Workplace (2) angularjs (2) .Net (1) Amazon Interview (1) Android Studio (1) Array (1) Boilerpipe (1) Book Notes (1) ChromeOS (1) Chromebook (1) Codility (1) Desgin (1) Design (1) Divide and Conqure (1) GAE (1) Google Interview (1) Great Stuff (1) Hash (1) High Tech Companies (1) Improving (1) LifeTips (1) Maven (1) Network (1) Performance (1) Programming (1) Resources (1) Sampling (1) Sed (1) Smart Thinking (1) Sort (1) Spark (1) Stanford NLP (1) System Design (1) Trove (1) VIP (1) tools (1)

Popular Posts