隨著資訊科技的進步與發展,網際網路逐漸成為生活中必要的條件,無論是通訊、影音、金融交易等都開始仰賴網際網路,然而,在我們享受資訊生活便利的同時,個人隱私也面臨了相當大的潛在風險。近年來,網路資訊的安全性越來越受到各界的重視,網路駭客更是現今相當棘手的問題,在網路上流竄的駭客們為了隱藏自己的真實位置,會透過中繼站從事惡意活動,而惡意中繼站也不斷的更新且日益龐大,令人難以追查來源,雖然政府機關與各大公司定期都會發布惡意中繼站清單,但是要即時取得並利用這些資訊卻是一個很令人頭痛的問題。本論文將實作一個自動收集惡意中繼站資訊並加以分析的情蒐系統,不但能達到定期自動更新情資,也能將所蒐集的資料進一步正規化並儲存到資料庫中進行分析,方便使用者查詢及列表,甚至進而利用此資料在防火牆進行阻擋。
Nowadays, activities such as communications, shopping and financial transactions have become gradually dependent on the Internet with the development of the Information technology. However, while we are enjoying the convenience of information life, at the same time our personal privacy is also facing certain potential risks. Accordingly, Internet security has become increasingly emphasized across industries and sectors. Nowadays, Internet hackers is now a very difficult problem to deal with. To hide their actual addresses, hackers active on the Internet engage in malicious activities through command-and-control (C&C) servers, which continue to update and expand. Both government sectors and large firms publicize lists of C&C servers regularly. However, to access and utilize this information in time is a great challenge. This study realized a system that automatically collects lists of C&C servers. By regularly updating information as well as normalizing and saving the data into a database, the system enables users to check and compile lists, even to use the data to block attacks via firewalls.
