
Detection method and detection device of zombie host computers

A zombie host detection technology, applied in the field of network communication security, that addresses the poor timeliness and low accuracy of existing detection methods and improves detection efficiency and accuracy.

Active Publication Date: 2013-06-05
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1

AI Technical Summary

Problems solved by technology

[0006] Embodiments of the present invention provide a method and device for detecting zombie hosts, which solve the problems of low accuracy and poor timeliness in existing detection methods for zombie hosts.


Embodiment Construction

[0019] To address the poor timeliness and low accuracy of zombie host detection in existing networks, the embodiment of the present invention provides a detection method and device for zombie hosts. The method obtains the mail flow data of each host to be detected in the network and, after layer-by-layer screening and processing of that email traffic data, detects the zombie hosts in the network in a timely and accurate manner, which facilitates subsequent handling of the detected zombie hosts.

[0020] The specific implementation manners of a zombie host detection method and device provided in the embodiments of the present invention will be described below with reference to the drawings in the description.

[0021] A method for detecting a zombie host provided by an embodiment of the present invention, as shown in Figure 1, specifically includes the following steps:

[0022] S101: Obtain mail flow information of each host to be detected in the netw...


Abstract

The invention provides a detection method and a detection device for zombie host computers. The detection method includes the following steps: email flow information of each to-be-detected host computer in the network is obtained within a set time; according to the obtained email flow information, internet protocol (IP) addresses that meet preset conditions are selected, and a possibility measurement value is calculated for the to-be-detected host computer corresponding to each selected IP address; and the calculated possibility measurement value of each IP address is checked in sequence against a fourth threshold, and where the value is larger than the fourth threshold, the to-be-detected host computer corresponding to that IP address is determined to be a zombie host computer. With this detection method and device, the email flow information of the to-be-detected host computers can be obtained periodically, so detection is relatively timely. In addition, after the email flow information is processed according to the preset conditions, the IP addresses with a high possibility of being zombie host computers are obtained, and the zombie host computers in the network are identified after processing with a certain algorithm, which improves detection efficiency and accuracy.
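The three stages named in the abstract (collect per-host mail flow within a set time, select IP addresses that meet preset conditions, compare a possibility measurement value with the fourth threshold), sketched as an added example that is not code from the patent. The record fields, the two preset conditions, the scoring formula and every threshold value are assumptions, because the page does not state them; the flow records are constructed.

```python
from collections import defaultdict

WINDOW = (0, 3600)        # the "set time" in seconds (assumed value)
MIN_MSGS = 20             # assumed preset condition: messages sent in the window
MIN_DOMAINS = 5           # assumed preset condition: distinct recipient domains
FOURTH_THRESHOLD = 0.6    # the abstract's final threshold (assumed value)

def sample_flows():
    """Constructed records: (source IP, timestamp, recipient, SMTP reply code)."""
    flows = []
    for i in range(40):   # host spraying many domains, mostly rejected
        flows.append(("10.0.0.5", i * 60, f"u{i}@d{i}.example", 550 if i % 4 else 250))
    for i in range(30):   # relay-like host: busy, but few domains and few rejects
        flows.append(("10.0.0.2", i * 90, f"u{i}@d{i % 6}.example", 550 if i == 0 else 250))
    flows.append(("10.0.0.9", 100, "a@d1.example", 250))      # ordinary workstation
    flows.append(("10.0.0.5", 7200, "late@d1.example", 550))  # outside the window
    return flows

def aggregate(flows, window=WINDOW):
    """Stage 1: per-IP mail statistics for records inside the time window."""
    stats = defaultdict(lambda: {"msgs": 0, "rejects": 0, "domains": set()})
    for ip, ts, rcpt, code in flows:
        if not window[0] <= ts < window[1]:
            continue
        s = stats[ip]
        s["msgs"] += 1
        s["rejects"] += code >= 500           # permanent SMTP failures
        s["domains"].add(rcpt.rsplit("@", 1)[-1].lower())
    return stats

def score(s):
    """Assumed possibility measure: recipient-domain diversity plus reject ratio."""
    diversity = len(s["domains"]) / s["msgs"]
    reject_ratio = s["rejects"] / s["msgs"]
    return 0.5 * diversity + 0.5 * reject_ratio

def detect(flows):
    stats = aggregate(flows)
    # Stage 2: keep only IPs that meet the preset conditions.
    candidates = {ip: s for ip, s in stats.items()
                  if s["msgs"] >= MIN_MSGS and len(s["domains"]) >= MIN_DOMAINS}
    scores = {ip: round(score(s), 3) for ip, s in candidates.items()}
    # Stage 3: flag IPs whose score is larger than the fourth threshold.
    flagged = sorted(ip for ip, v in scores.items() if v > FOURTH_THRESHOLD)
    return scores, flagged

if __name__ == "__main__":
    print(detect(sample_flows()))
```

The relay-like host passes the preset conditions but scores low, which shows why the screening stage and the final threshold are separate checks.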

Description

Technical field

[0001] The invention relates to the field of network communication security, in particular to a method and device for detecting a zombie host.

Background technique

[0002] A botnet is formed by using one or more means of transmission to infect a large number of hosts with bot programs, creating a one-to-many controllable network between the controller and the infected hosts. It is a new type of attack method that provides attackers with a hidden, flexible and efficient one-to-many command and control mechanism, and spreads bots to control a large number of bot hosts, thereby achieving attack purposes such as information theft, distributed denial of service attacks and spam sending.

[0003] In view of the harm caused by zombie hosts, technologies such as honeynet technology, abnormal behavior detection technology, and IRC protocol analysis and restoration are usually used to detect zombie hosts. Specifically, t...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
Inventor: 周俊峰
Owner: NSFOCUS INFORMATION TECHNOLOGY CO LTD