ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (10): 2120-2139.doi: 10.7544/issn1000-1239.2021.20210855

所属专题: 2021密码学与网络空间安全治理专题

• 信息安全 • 上一篇    下一篇

网络犯罪的检测分析技术

洪赓,杨森,叶瀚,杨哲慜,杨珉   

  1. (复旦大学计算机科学技术学院 上海 200433) (ghong17@fudan.edu.cn)
  • 出版日期: 2021-10-01
  • 基金资助: 
    国家自然科学基金项目(U1836213)

Detection and Analysis Technology of Cybercrime

Hong Geng, Yang Sen, Ye Han, Yang Zhemin, Yang Min   

  1. (School of Computer Science, Fudan University, Shanghai 200433)
  • Online: 2021-10-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (U1836213).

摘要: 随着信息技术的高速发展,越来越多的生产生活逐渐转移到网络空间进行,国民经济对网络空间的依赖也日益凸显.互联网带来便利的同时,越来越多的犯罪从传统线下转移到网络空间中进行,威胁人民群众的日常生活安全.因此,如何理解、评估、预防、打击网络犯罪,成为学术界、工业界和相关执法部门的关注重点.近年来,研究人员持续关注各种网络犯罪及对应的防范、评估、反制技术.但目前针对网络犯罪总体综述研究较少,亟需对网络犯罪产业链组成部分进行全面且详细的梳理.将以钓鱼(phishing)、诈骗(scam)、恶意挖矿(cryptojacking)等经典网络犯罪攻击方式为切入点,深入分析包括黑帽搜索引擎优化(Blackhat SEO)、误植域名(typosquatting)在内的相关支撑技术,详细揭露地下市场(underground market)、僵尸网络(Botnet)和洗钱渠道(money laundering)等网络犯罪基础设施,剖析网络犯罪产业链,最后讨论了网络犯罪研究中仍存在的挑战,并展望未来研究方向.

关键词: 网络犯罪, 检测分析技术, 钓鱼攻击, 网络诈骗, 恶意挖矿

Abstract: With the rapid growth of information technology, people’s daily activities have been gradually moving to cyberspace. Online activities also play an increasingly important role national economy. While the Internet greatly facilitated our daily life, more and more criminal activities that threaten our daily life, have also moved to cyberspace. Therefore, how to understand, evaluate, prevent, and combat cybercrimes have become the focus of attention of academia, industry, and law enforcement agencies. Recently, researchers pay much attention to the prevention, evaluation, and countermeasures of cybercrimes. However, until now, only a few researchers focus on the overview of cybercrime. Also, there is an urgent need for systemization of the entire cybercrime kill chain. This paper starts from some classic cybercrime attacks such as phishing, scam, and cryptojacking, and then an in-depth analysis of their supporting techniques is conducted, including blackhat SEO and typosquatting. To analyze the cybercrime kill chain, we also investigate the cybercrime infrastructures such as underground market, botnet, and money laundering. Finally, we discuss the existing challenges and trends of cybercrime research.

Key words: cybercrime, detection and analysis technology, phishing, network scam, cryptojacking

中图分类号: