提出了一种基于分形与自适应数据融合的P2P僵尸网络检测方法。构建单分形特性、多分形特性检测传感器,利用大时间尺度下的自相似性和小时间尺度下的局部奇异性刻画网络流量特征,利用Kalman滤波器检测上述特性是否异常。为获得更精确的检测结果,提出了一种自适应数据融合方法,根据证据冲突程度自适应得选择DST(Dempster-Shafer Theory)、DSmT(Dezert-Smarandache Theory)对上述检测结果进行融合。而且,考虑到了P2P应用对检测的影响。实验结果表明该方法检测准确度较高。 A P2P botnet detection method based on fractal and adaptive data fusion is proposed. The single fractal and multifractal characteristics detection sensors are constructed. The network traffic characteristics are characterized by self-similarity in large time scales and local singularities in small time scales. The Kalman filter is used to detect the above characteristics. In order to obtain more accurate test results, an adaptive data fusion method is proposed, in which the Dempster-Shafer Theory (DST) and the DSmT (Dezert-Smarandache Theory) are adaptively selected based on the degree of evidence conflict. Moreover, taking into account the impact of P2P applications on the test. The experimental results show that the method has high detection accuracy.