中文摘要：

在分析P2P网络中蠕虫攻击特点的基础上,接合病毒衰竭方法,提出多令牌桶蠕虫衰竭方法.该方法针对P2P网络服务端口特定以及蠕虫攻击地址发散的特性,根据端口不同设立多数据表,避免了不同端口流量之间的相互影响;针对蠕虫发出连接请求速率高的特性,该方法使用令牌桶控制延迟队列处理速度,阻塞漏洞端口队列,衰竭蠕虫对P2P网络的危害性,阻止蠕虫增加P2P网络负载,避免因蠕虫引起P2P网络负载过重而导致P2P网络瘫痪.仿真分析表明,衰竭方法能在P2P网络内蠕虫爆发增长前发挥作用.

英文摘要：

The multiple token buckets P2P worms throttle method is proposed after the P2P worms＇ characteristic attacking P2P networks was analyzed. The method is the evolution of the application of Virus Throttle to P2P worms. Considering the P2P networks characters of employing unique port and the worm characters of dispersed IP addresses, the method uses port-based multiple work sets to identify worm connection requests in worm detection process. Considering the worms characters of the frequency connection requests, the method employs multiple delay queues to control the speed of procession, to blocks the queue of the worm employ, to throttles the worm destructive power to P2P networks, and to avoids the P2P networks paralysis conduced by worms. The analysis shows P2P worms can be detected by watching the change of the queue＇s length.