基于社会计算的IM恶意代码防御机制

doi:10.3969/j.issn.0372-2112.2013.06.014

电子学报 ›› 2013, Vol. 41 ›› Issue (6): 1130-1139.DOI: 10.3969/j.issn.0372-2112.2013.06.014

基于社会计算的IM恶意代码防御机制

刘昕^1,3, 贾春福^2,3, 石乐义¹, 辛兆君¹

1. 中国石油大学(华东)计算机与通信工程学院, 山东青岛 266580;
2. 南开大学信息技术科学学院, 天津 300071;
3. 南京大学计算机软件新技术国家重点实验室, 江苏南京 210093

收稿日期:2012-02-18 修回日期:2013-02-03 出版日期:2013-06-25
- 作者简介:
- 刘昕女,1974年10月出生于山东省潍坊市.2012年毕业于南开大学计算机与信息安全系,现为中国石油大学(华东)讲师.从事网络安全和社会计算方面的研究工作. E-mail:liuxin_star@163.com 贾春福男,1967年5月出生于河北省文安市,现为南开大学教授、博士生导师,主要研究方向为信息安全与可信计算、恶意代码发现与分析. E-mail:cfjia@nankai.edu.cn 石乐义男,1975年9月出生于山东临朐,中国石油大学(华东)副教授,硕士生导师,主要研究方向为网络安全,博弈理论和移动计算. E-mail:shileyi@upc.edu.cn 辛兆君男,1988年5月出生于山东青岛.研究生.主要研究方向为网络安全. E-mail:xinzhaojun567@sina.com
- 基金资助:
- 国家自然科学基金资助项目 (No.60973141,No.61272423); 国家重点基础研究发展计划项目 (No.2013CB834204); 高等学校博士学科点专项科研基金资助项目 (No.20100031110030); 中央高校基本科研业务费专项资金资助 (No.13CX02027A)

A Collaborative Defending Scheme Based on Social Computing Against IM Malicious Codes

LIU Xin^1,3, JIA Chun-fu^2,3, SHI Le-yi¹, XIN Zhao-jun¹

1. College of Computer & Communication Engineering, China University of Petroleum, Qingdao, Shandong 266580, China;
2. Department of Computer and Information Security, Nankai University, Tianjin 300071, China;
3. State Key Lab for Novel Software Technology, Nanjing University, Nanjing, Jiangsu 210093, China

Received:2012-02-18 Revised:2013-02-03 Online:2013-06-25 Published:2013-06-25
- Supported by:
- National Natural Science Foundation of China (No.60973141, No.61272423); National Key Basic Research Development Plan (No.2013CB834204); Research Fund for the Doctoral Program of Higher Education of China资助项目 (No.20100031110030); Fundamental Research Funds for the Central Universities (No.13CX02027A)

摘要/Abstract

摘要： 即时通信(IM,Instant Messaging)网络已成为恶意代码传播的主要途径之一,本文提出了一种基于社会计算的IM恶意代码防御机制:利用用户与好友之间的社会信任关系,通过社会计算集成网络中多种反病毒软件的检测结果及用户的安全经验形成群体智慧,从而构成一个分布式协作防御机制.该机制利用即时通信网络平台,并依据好友间的交互行为计算动态信任,在IM客户端部署方案,用户之间实时相互协作抵御通过IM传播的恶意代码.实验结果表明,在大多数用户接受好友警告的情况下,即时通信网络中所有节点最终都被免疫,提高了整个社会网络防御IM恶意代码的能力.

关键词: 社会网络, 即时通信网络, IM蠕虫, 社会计算, 社会信任, 群体智慧

Abstract: IM(Instant Messaging) is used widely,which is an avenue for the propagation of IM malicious codes.To restrain IM malicious codes,we proposed a collaborative defending scheme based on social computing.Users can obtain experience after they browse through web pages and run malicious codes.Based on the trust between a user and his friends,through social computing,the experience and the checking results about IM malicious codes from different antivirus softwares on hosts are collected to result in collective intelligence.The platform used in the scheme is the social network formed by IM tool.Dynamic trusts on friends are calculated according to massages from friends.The scheme is a distributed system which is implemented in clients.Users collaborate with their friends to slow down the propagation of IM malicious codes.The experiments show all nodes in the social network are immune at last in the case when most users accept the warning,and the defending capacity of the whole social network is enhanced.

Key words: social network, IM network, IM worm, social computing, social trust, collective intelligence

中图分类号:

TP393.08

刘昕, 贾春福, 石乐义, 等. 基于社会计算的IM恶意代码防御机制[J]. 电子学报, 2013, 41(6): 1130-1139.

LIU Xin, JIA Chun-fu, SHI Le-yi, et al. A Collaborative Defending Scheme Based on Social Computing Against IM Malicious Codes[J]. Acta Electronica Sinica, 2013, 41(6): 1130-1139.

参考文献

[1] iResearch.iResearch China Instant Messaging Research Report[EB/OL].http://www.2chinable.com/china-internet-market-free-reptort-download/cat_view/45-china-social-media- market-free-reports,2010.

[2] hugo.腾点:腾讯2011年同时在线用户达1.5,注册用户达7亿[EB/OL].http://www.tendow.com/?p=2653,2011.11.17.

[3] 中国互联网络信息中心.中国互联网络发展状况统计报告[EB/OL].http://www.cnnic.cn/research/bgxz/tjbg/201201/P020120118512855484817.pdf,2013.

[4] Smith R D.Instant Messaging as a Scale-Free Network[EB/OL].http://arxiv.org/abs/cond-mat/0206378,2002.

[5] P Holme,B J Kim.Growing scale-free networks with tunable clustering[J].Physical Review E,2002,65(2):026107.

[6] Ryan Naraine.Researchers Say Automated IM Worm Is Inevitable[EB/OL].http://www.eweek.com/c/a/Security/Researchers-Say-Automated-IM-Worm-Is-Inevitable/,2005.

[7] McAfee.W32/Hello.worm[EB/OL].http://www.mcafee.com/threat-intelligence/malware/default.aspx? id=99077,2003.

[8] Rising.爱情森林病毒[EB/OL].http://it.rising.com.cn/newSite/Channels/Anti_Virus/Antivirus_Base/TopicDatabase Package/27-155400316.htm,2002.

[9] Yu WU,Yanrong YANG,Huanzheng WU,Gongxiao WANG.Modeling and simulation on information propagation on instant messaging network based on two-layer scale-free networks with tunable clustering[A].Proceedings of the 2009 IEEE International Conference on Systems,Man,and Cybernetics[C].San Antonio,TX:IEEE Press,2009.5184-5188.

[10] 姚文斌,杨松涛.复杂网络中即时通信蠕虫病毒传播的研究[J].计算机工程与应用,2009,45(18):129-131. YAO Wen-bin,YANG Song-tao.Study of instant messaging worms spreading on complex network[J].Computer Engineering and Applications,2009,45(18):129-131.(in Chinese)

[11] 冯朝胜,邓婕,秦志光,刘霞,劳伦斯·库珀特.即时通信蠕虫传播建模[J].计算机工程,2010,36(5):143-145. FENG Chao-sheng,DENG Jie,QIN Zhi-guang,LIU Xia,Laurence Cuthbert4.Modeling of instant message worms propagation[J].Computer Engineering,2010,36(5):143-145.(in Chinese)

[12] Williamson M W.Throttling viruses:Restricting propagation to defeat malicious mobile code[A].Proceedings of Computer Security Applications Conference[C].Las Vegas,Nevada:IEEE Press,2002.61-68.

[13] Williamson M W,Parry A,Byde A.Virus throttling for instant messaging[A].Proceedings of Virus Bulletin Conference[C].Chicago,USA:Virus Bulletin Limited,2004.1-10.

[14] Mannan M,Oorschot P C.On instant messaging worms,analysis and countermeasures[A].Proceedings of ACM CCS Workshop on Rapid Malcode[C].Fairfax,Virginia,USA:ACM Press,2005.2-11.

[15] 赵彬彬,张玉清,刘宇.IM 蠕虫检测方案的设计与实现[J].计算机工程,2009,35(21):147-150. ZHAO Bin-bin,ZHANG Yu-qing,LIU Yu.Design and implementation of IM worm detection method[J].Computer Engineering,2009,35(21):147-150.(in Chinese)

[16] 张静,胡华平,刘波.基于行为分析的IM蠕虫检测方法[J].通信学报,2007,28(8A):154-157. Zhang Jing,Hu Huaping,Liu Bo.Behavior analysis based IM worm detecting[J].Journal on Communication,2007,28(8A):154-157.(in Chinese)

[17] 百度百科.云安全[EB/OL].http://baike.baidu.com/view/1725454.htm,2011.

[18] Katharine Gammon.Networking:Four Ways to Reinvent the Internet[OL].http://www.nature.com/news/2010/100203/full/463602a.html,2010.

[19] 张琳,王汝传,张永平.一种基于模糊集合的可用于网格环境的信任评估模型[J].电子学报,2008,36(5):862-868. ZHANG Lin,WANG Ru-chuan,ZHANG Yong-ping.A trust evaluation model based on fuzzy set for grid environment[J].Acta Electronica Sinica,2008,36(5):862-868.(in Chinese)

[20] 陈超,王汝传,张琳.一种基于开放式网络环境的模糊主观信任模型研究[J].电子学报,2010,38(11):2505-2509. CHEN Chao,WANG Ru-chuan,ZHANG Lin.The research of subjective trust model based on fuzzy theory in open networks[J].Acta Electronica Sinica,2010,38(11):2505-2509.(in Chinese)

[21] 贾春福,刘昕,刘国友,胡志超,王冬.一种基于社会信任的恶意网页协防机制[J].通信学报,2012,33(10):110-116. JIA Chun-fu,LIU Xin,LIU Guo-you,HU Zhi-chao,WANG Dong.A collaborative defending scheme against malicious Web pages based on social trust[J].Journal on Communications,2012,33(10):110-116.(in Chinese)

[22] 卿斯汉,王超,何建波,李大治.即时通信蠕虫研究与发展[J].软件学报,2006,17(10):2118-2130. Qing SH,Wang C,He JB,Li DZ.Research and development of instant messaging worms[J].Journal of Software,2006,17(10):2118-2130.(in Chinese)

[23] iResearch.2009 China IM Communication Security Study Report[EB/OL].http://www.2chinable.com/china-internet-market-free-reptort-download/cat_view/45-china-social-me dia-market-free-reports,2010.

[24] GOLBECK J.Computing and Applying Trust in Web-Based Social Networks[D].Maryland:University of Maryland,College Park,2005.

[25] Jia Chunfu,Liu Xin,Liu Guoyou,et al.Worm containment based on double-neighbor lists in P2P overlay networks[A].Proceedings of 2010 IEEE International Conference on Information Theory and Information Security (ICITIS 2010)[C].Beijing: IEEE Press,2010.558-562.

基于社会计算的IM恶意代码防御机制

A Collaborative Defending Scheme Based on Social Computing Against IM Malicious Codes

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 14

编辑推荐

Metrics

[1]	高玉君, 梁刚, 蒋方婷, 许春, 杨进, 陈俊任, 王浩. 社会网络谣言检测综述[J]. 电子学报, 2020, 48(7): 1421-1435.
[2]	杨洁, 朱咸军, 周献中, 柳毅. 基于混杂社会网络的个性化Web服务推荐方法[J]. 电子学报, 2020, 48(2): 341-349.
[3]	马慧芳, 刘文, 李志欣, 蔺想红. 融合耦合距离区分度和强类别特征的短文本相似度计算方法[J]. 电子学报, 2019, 47(6): 1331-1336.
[4]	汪林玉, 谷科, 余飞, 尹波, 廖年冬. 基于个人意愿的社会网络团体结构与信息检测方案[J]. 电子学报, 2019, 47(4): 886-895.
[5]	朱恩强, 吴艳蕾, 许宇光, 牛云云. 基于树核度的社交网络影响最大化问题[J]. 电子学报, 2019, 47(1): 161-168.
[6]	俞春花, 刘学军, 李斌, 章玮. 基于上下文相似度和社会网络的移动服务推荐方法[J]. 电子学报, 2017, 45(6): 1530-1536.
[7]	龚卫华, 兰雪锋, 裴小兵, 杨良怀. 基于k-度匿名的社会网络隐私保护方法[J]. 电子学报, 2016, 44(6): 1437-1444.
[8]	吴斌, 吉佳, 孟琳, 石川, 赵惠东, 李仪清. 基于迁移学习的唐诗宋词情感分析[J]. 电子学报, 2016, 44(11): 2780-2787.
[9]	王萌萌, 左万利, 王英. 基于加权非负矩阵分解的链接预测算法[J]. 电子学报, 2016, 44(10): 2391-2397.
[10]	蔡青松, 刘燕, 牛建伟, 孙利民. 一种关注消息时效性的机会社会网络中节点传播能力分析模型[J]. 电子学报, 2015, 43(9): 1705-1713.
[11]	王诗懿, 董一鸿, 李志超, 陈华辉, 钱江波. 大规模复杂网络下重叠社区的识别[J]. 电子学报, 2015, 43(8): 1575-1582.
[12]	兰丽辉, 鞠时光. 基于向量相似的权重社会网络隐私保护[J]. 电子学报, 2015, 43(8): 1568-1574.
[13]	张波, 黄震华, 李美子, 向阳. 一种社会网络服务协作决策的竞标组织方法[J]. 电子学报, 2015, 43(4): 625-630.
[14]	牛建伟, 戴彬, 孙利民, 林佳骝, 熊永平. PQBCF:一种基于中间中心度的机会网络P2P查询算法[J]. 电子学报, 2013, 41(9): 1815-1820.