Automatic generation method and system for HTTP (Hyper Text Transport Protocol) network feature code

An automatic generation and network feature technology, applied in the field of network security, which can solve the problems of long generation time of system feature codes and difficult deployment.

Inactive Publication Date: 2014-04-23
INST OF COMPUTING TECH CHINESE ACAD OF SCI
View PDF6 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The technical problem to be solved by the present invention is to overcome the problems of long generation time and difficult deployment of existing system signatures, and propose a method and system for automatically generating HTTP network signatures

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automatic generation method and system for HTTP (Hyper Text Transport Protocol) network feature code
  • Automatic generation method and system for HTTP (Hyper Text Transport Protocol) network feature code
  • Automatic generation method and system for HTTP (Hyper Text Transport Protocol) network feature code

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0077] The present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments, but not as a limitation of the present invention.

[0078] The purpose of the present invention is to classify numerous HTTP botnet samples, and automatically generate corresponding feature codes for detection. The advantage of the present invention is that the communication feature code of the botnet can be generated without any prior knowledge, and even the feature code of the botnet with encrypted communication content can be generated.

[0079] Field of application of the present invention: 1. Propose a kind of efficient method of automatically generating HTTP botnet characteristic code for realizing the detection of large-scale botnet; 2. In the research of botnet, according to its network behavior to different samples Classify and automatically extract signatures.

[0080] The invention proposes a method for automatically generating HTTP...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an automatic generation method for an HTTP (Hyper Text Transport Protocol) network feature code. The method comprises the following steps: a pack feature code generation step, a URI (Uniform Resource Identifier) feature code generation step and an HTTP network feature code total set generation step, wherein the pack feature code generation step comprises the following steps: extracting feature statistics and pack content aiming at a plurality of network samples in a manner of asking and answering interchangeably; generating a coarseness cluster set by secondary clustering so as to generate a fineness cluster set on the basis of the coarseness cluster set by the secondary clustering; generating an asking and answering pack feature code set of the network samples by the fineness cluster set; the URI feature code generation step comprises the following steps: dividing flow of the network samples into single one type of flow and carrying out supplementary extraction of a URI path and parameter feature codes to generate a URI feature code set; finally, combining the asking and answering pack feature code set and the URI feature code set to generate a feature code total set Tall.

Description

technical field [0001] The invention relates to the technology in the field of network security, in particular to a method for generating signatures of unknown HTTP botnets, more specifically, a method for automatically generating HTTP network signatures and a system thereof. Background technique [0002] In recent years, incidents related to network security have occurred frequently, and network security has risen to become a hot topic at the national strategic level. However, due to the general lack of security awareness among netizens and various loopholes in computer operating systems and application software, more and more computers have quietly become "broilers" in botnets, and they have become targets for others to steal privacy and attack network resources. , Illegal profiteering and other illegal and criminal activities. [0003] Botnet (Botnet) is a kind of "universal computing platform constructed by invading several non-cooperative user terminals in cyberspace, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 李可刘潮歌崔翔李丹梁玉
Owner INST OF COMPUTING TECH CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap