基于IPv6无线网络智能终端的恶意代码研究

项目名称： 基于IPv6无线网络智能终端的恶意代码研究

项目编号： No.61202358

项目类型： 青年科学基金项目

立项/批准年度： 2013

项目学科： 计算机科学学科

项目作者： 肖喜

作者单位： 清华大学

项目金额： 23万元

中文摘要： 随着智能终端的广泛使用和IPv4地址的枯竭，智能终端对IPv6的支持已是必然的趋势。人们的日常生活会越来越依赖于IPv6无线网络环境下的智能终端平台，从而该平台下的信息安全问题至关重要。因此研究基于IPv6无线网络智能终端的恶意代码具有长远的实用价值。本项目主要研究IPv6无线网络中智能终端上存在的各种恶意代码，评估它们的危害，阐明其传播机制，建立基于连通拓扑空间的偏微分方程的传播模型，提出一系列有效的新检测方法- - 基于代数学轨道分解定理的检测方法、基于静态特征码的检测方法、基于判决函数的动态行为检测方法、Rootkit检测技术、基于基线的进程检测技术、基于沙箱的检测技术、混合检测方法，并实现基于IPv6无线网络智能终端的入侵检测系统。本课题为新平台下恶意代码的研究提供实验和理论依据。把拓扑学、偏微分方程、抽象代数的相关理论合理的引入恶意代码的研究中，为信息安全的研究提供了新思路。

中文关键词： IPv6；无线网络；智能终端；恶意代码；Android

英文摘要： With the wide application of intelligent terminals and the exhaustion of IPv4 addresses, intelligent terminals are destined to support for IPv6. In the future people's daily lives will be increasingly dependent on intelligent terminal platform in IPv6 wireless networks. Therefore, the information security issues on this platform are extremely crucial. It has a long-term practical value for us to study malicious codes on intelligent terminals in IPv6 wireless networks. This project mainly investigates various malicious codes on intelligent terminals in IPv6 wireless networks. At first, we assess their harmfulness, and clarify their transmission mechanism. Then partial differential equations on the connected topological space are used to build a model for their transmission. Afterwards we bring forth a series of novel methods to detect them. These methods involve the method based on the orbit decomposition theorem in Algebra, the method based on static signatures, the method based on dynamic behaviors together with the judgment function, the Rootkit detection technology, the detection technique based on the baseline process, the sandbox-based detection technology and the hybrid detection method. Finally, we develop an intrusion detection system for the platform of intelligent terminals in IPv6 wireless networks. T

英文关键词： IPv6；wireless network；intelligent terminals；malicious codes；Android