| Internet has led the rapid development of information industry with its appearance, which completely changed the existing production ways and people's living habits, and has played an irreplaceable role in promoting social progress and development. However, the deteriorating environment, malicious behavior for network and target system and attacks event emerge in endlessly. Let people endure the harm as well as enjoy great convenience brought by Internet. In the event of network attacks, the harm caused by network worms flooding is much more serious than other malicious software and attacks, how to detect and handle the network worm effectively, is the challenge we must face.This thesis starts from the development and history of the network worm firstly; describe the definition of network worms and difference by comparing the network worm with ordinary virus. Research task is performed in-depth on the behavior of network worm and scanning strategies by analyzing the attacks ways of network worm. Analyze and compare the spreading model of network worm, result shows that early detection of network worms has a great significance in the suppression for worms spread.In the network worm detection technology, this thesis shows a detailed analysis of existing detection method for network worm, including the known and unknown worm detection. Based on statistical analysis, propose the method for network worm abnormal detection based on Bayes Method, and gives the specific implementations. For the feature extraction techniques of network worm, analyze the existing feature extraction method, perform the feature extraction work by Sequences Alignment Algorithm applied in bioinformatics, compare performance of the algorithm, propose improved method for the algorithm, and complete the related testing.On the base of theoretical analysis for the network worm detection and feature extraction, this thesis presents network worms detection model based the above idea. This model show the specific implementation detection method for the network worm, combined with the existing network technology, through the capture of data on the network, then analyze the protocol of the data, combined the application of Bayes detection methods and Sequences Alignment Algorithm to be able to timely detect anomalies that exist in the network environment and complete the feature extraction work.Finally, the system was tested and analyzed in this thesis; the test results reflect the system has strong validity and practicality for network worm prevention and feature extraction. In the end, this thesis summarizes the work done in thesis, and prospect the future possible work. |
PDF Full Text Request