Journal of Computer Applications ›› 2010, Vol. 30 ›› Issue (3): 692-694.

• Information Security •

Research of dynamic Botnet model

Yiyan Fan1, Guorui Wu2

  1. School of Computer Science, Hunan University of Arts and Science
  2. Peking University
  • Received: 2009-09-07 Revised: 2009-10-28 Online: 2010-03-14 Published: 2010-03-01
  • Contact: Yiyan Fan

Abstract: Existing Botnet techniques and detection methods are usually confined to one specific type of Botnet. To improve the stealth of Botnets, the authors proposed a dynamic Botnet model described with a directed graph, which can represent different types of Botnets. Several dynamic attributes of the proposed model, such as exposedness, resilience and sustainability, were analyzed quantitatively, and a bot abandon policy was presented. The experimental results indicate that the proposed method can effectively decrease the Botnet detection ratio and improve the Botnet's sustainability and resilience.

Key words: Botnet, Bot, directed graph, abandon policy, detection rate