
Method and system for identifying Trojan horse behavior

A Trojan horse behavior identification method and system, applied in the field of network security. It addresses the problem that Trojan horse behavior feature recognition is insufficiently comprehensive, with the stated effects of protecting the interests of information assets and providing comprehensive and accurate evidence.

Active Publication Date: 2016-08-10
永信至诚科技集团股份有限公司 +1

AI Technical Summary

Problems solved by technology

[0003] (1) A Trojan in the process of implantation can only be identified based on the static code characteristics of the Trojan;
[0004] (2) A Trojan horse in the communication process can only be identified based on insufficiently comprehensive Trojan horse behavior characteristics.


Examples


Embodiment 1

[0051] Embodiment 1. A method for identifying a Trojan horse behavior, comprising:

[0052] Configure Trojan behavior characteristics;

[0053] Capture network packets;

[0054] Identifying the Trojan horse behavior state of the network packet based on the Trojan horse behavior characteristics;

[0055] The identified Trojan horse behavior status is recorded, and the Trojan horse behavior is identified based on the record.

[0056] In an implementation manner of this embodiment, the Trojan horse behavior characteristics include any of the following situations or any combination thereof:

[0057] The response content is in domain name:port or IP address:port format;

[0058] The length of the response packet is less than 200 bytes, and the content dispersion is greater than 0.3;

[0059] The length of the data packet sent from the internal network to the external network is greater than 200 bytes.
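
The four steps of Embodiment 1 and the three characteristics in [0057]-[0059], as an added Python example that is not code from the patent. Assumptions: the page does not define "content dispersion", so `dispersion()` uses distinct byte values divided by payload length; the packet tuple layout, the feature names and the `min_distinct` correlation rule are also hypothetical.

```python
import re
from collections import defaultdict

# Thresholds taken from paragraphs [0058] and [0059] of the page.
MAX_RESPONSE_LEN = 200
MIN_DISPERSION = 0.3
MIN_OUTBOUND_LEN = 200

# [0057]: a response body that is only "domain:port" or "IPv4:port".
ENDPOINT_RE = re.compile(
    rb"^\s*(?:(?:\d{1,3}\.){3}\d{1,3}|(?:[A-Za-z0-9-]+\.)+[A-Za-z]{2,}):(\d{1,5})\s*$"
)

def dispersion(payload: bytes) -> float:
    """ASSUMED metric (no formula on the page): distinct byte values / length."""
    return len(set(payload)) / len(payload) if payload else 0.0

def match_features(direction: str, payload: bytes) -> set:
    """Return the configured behavior characteristics that one packet matches."""
    hits = set()
    if direction == "response":
        m = ENDPOINT_RE.match(payload)
        if m and 0 < int(m.group(1)) <= 65535:
            hits.add("endpoint_response")
        if len(payload) < MAX_RESPONSE_LEN and dispersion(payload) > MIN_DISPERSION:
            hits.add("short_dispersed_response")
    elif direction == "outbound" and len(payload) > MIN_OUTBOUND_LEN:
        hits.add("large_outbound")
    return hits

def identify(packets, min_distinct=2):
    """Record matched states per internal host, then report hosts showing at
    least min_distinct different characteristics (assumed correlation rule)."""
    record = defaultdict(set)
    for host, direction, payload in packets:
        record[host] |= match_features(direction, payload)
    return {h: sorted(s) for h, s in record.items() if len(s) >= min_distinct}

# Constructed sample traffic: (internal host, direction, payload).
SAMPLE = [
    ("10.0.0.5", "response", b"update.example.net:8443"),
    ("10.0.0.5", "outbound", bytes(range(256))),
    ("10.0.0.7", "response", b"<html>" + b"a" * 400 + b"</html>"),
    ("10.0.0.7", "outbound", b"GET / HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    print(identify(SAMPLE))
```

Because a short endpoint string also tends to score high on the assumed dispersion metric, the first two characteristics overlap; requiring an outbound match as well is one way to reduce false positives.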

[0060] In this embodiment, the step of identifying the Trojan horse behavio...

Embodiment 2

[0080] Embodiment 2. A system for identifying Trojan horse behavior, as shown in Figure 2, comprising:

[0081] The management module is used to configure the behavior characteristics of the Trojan horse;

[0082] Packet capture module, used to capture network packets;

[0083] An identification module, configured to identify the Trojan horse behavior state of the network packet based on the Trojan horse behavior characteristics;

[0084] The association module is configured to record the identified behavior state of the Trojan horse, and identify the behavior of the Trojan horse based on the record.

[0085] In an implementation manner of this embodiment, the Trojan horse behavior characteristics include any of the following situations or any combination thereof:

[0086] The response content is in domain name:port or IP address:port format;

[0087] The length of the response packet is less than 200 bytes, and the content dispersion is greater than 0.3;

[...


Abstract

The invention provides a Trojan horse behavior identification method and system. The Trojan horse behavior identification method comprises the steps of configuring Trojan horse behavior characteristics, capturing a network packet, identifying the Trojan horse behavior state of the network packet on the basis of the Trojan horse behavior characteristics, recording the identified Trojan horse behavior state, and identifying a Trojan horse behavior on the basis of the record. The Trojan horse behavior identification method and system can effectively identify the Trojan horse behavior.

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a Trojan horse behavior identification method and system.

Background

[0002] At present, with the rapid development of computer networks, network information systems have become an important tool for people to share information and communicate. At the same time, compared with hackers and early viruses, Trojan horses have become the main hazard of the Internet. Trojan horses are used for the purpose of spying on other people's privacy and obtaining economic benefits, and are characterized by strong concealment, wide attack range and great harm. Currently, the Trojan horse detection function deployed on network security devices has the following problems:

[0003] (1) A Trojan in the process of implantation can only be identified based on the static code characteristics of the Trojan;

[0004] (2) The Trojan horse in the communication process can only be identified ...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06
Inventor: 陈俊
Owner: 永信至诚科技集团股份有限公司