Method and device for analyzing zombie community

An analysis method and analysis device, applied in the Internet field, that address the lack of zombie (botnet) community analysis technology and help promote Internet security research and control.

Active Publication Date: 2014-05-14
BEIJING TOPSEC SOFTWARE +3

AI Technical Summary

Problems solved by technology

[0007] The technical problem to be solved by the present invention is to provide a zombie community analysis method and device, addressing the fact that the prior art has no zombie community analysis technology in any real sense.


Embodiment Construction

[0035] The present invention will be described in further detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0036] The core technical content of the botnet community analysis method based on a similarity coefficient of the present invention is as follows: select the monitoring data within a certain time range from the monitoring data produced by the botnet monitoring system; use the infected host IPs as information to construct a botnet; for any two botnets, calculate the Jaccard coefficient based on their infected host IPs, and save the similarity relationship between the two; given a similarity coefficient value, select all similarity relationships whose value is greater than or equal to that similarity coefficient; all the botnets that have a similar relationship with each other in this result set co...


Abstract

The invention discloses a method and device for analyzing a zombie community. The method comprises the steps of acquiring the monitoring data generated within a set time range by a zombie network (botnet) monitoring system, establishing zombie networks according to the monitoring data, computing the similarity factor of any two zombie networks, selecting the similarity relations whose similarity factors are larger than a preset similarity factor threshold value, establishing the zombie community according to the similarity relations, and analyzing it. With this method, the internal relations among zombie networks can be found, the behavior patterns of the hacker groups behind the zombie networks can be tracked and researched more effectively, support and help are provided for network security and network defense, and national macro-level Internet security research and control are promoted.
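The pipeline described in the abstract and in paragraph [0036], as an added example (not code from the patent): it builds botnets from monitoring records in a time window, computes pairwise Jaccard coefficients over infected host IPs, keeps the relations at or above a threshold, and groups the related botnets. The record layout, the controller keys (`c2-a` and so on), the sample IPs and the thresholds are assumptions, and treating a community as a connected component is an interpretation of the "directly or indirectly related" wording in the description.

```python
from collections import defaultdict
from itertools import combinations

# Constructed monitoring records: (unix_time, controller_key, infected_host_ip).
# The record layout and the controller keys are assumptions for this example.
RECORDS = [
    (100, "c2-a", "198.51.100.1"), (110, "c2-a", "198.51.100.2"),
    (120, "c2-a", "198.51.100.3"), (130, "c2-b", "198.51.100.2"),
    (140, "c2-b", "198.51.100.3"), (150, "c2-b", "198.51.100.4"),
    (160, "c2-c", "198.51.100.4"), (170, "c2-c", "198.51.100.5"),
    (180, "c2-d", "203.0.113.9"), (999, "c2-d", "198.51.100.1"),
]

def build_botnets(records, start, end):
    """Group infected host IPs per botnet for records with start <= t < end."""
    botnets = defaultdict(set)
    for t, key, ip in records:
        if start <= t < end:
            botnets[key].add(ip)
    return dict(botnets)

def jaccard(a, b):
    """|A & B| / |A | B|; defined as 0.0 when both sets are empty."""
    union = len(a | b)
    return len(a & b) / union if union else 0.0

def similarity_relations(botnets, threshold):
    """Keep every botnet pair whose Jaccard coefficient is >= threshold."""
    rels = {}
    for x, y in combinations(sorted(botnets), 2):
        j = jaccard(botnets[x], botnets[y])
        if j >= threshold:
            rels[(x, y)] = j
    return rels

def communities(relations):
    """Union-find over the kept relations; each component is one community."""
    parent = {}
    def find(n):
        parent.setdefault(n, n)
        while parent[n] != n:
            parent[n] = parent[parent[n]]  # path halving
            n = parent[n]
        return n
    for x, y in relations:
        parent[find(x)] = find(y)
    groups = defaultdict(set)
    for b in list(parent):
        groups[find(b)].add(b)
    return sorted(sorted(g) for g in groups.values())
```

With the sample data, lowering the threshold from 0.3 to 0.25 pulls `c2-c` into the community of `c2-a` and `c2-b` even though `c2-a` and `c2-c` share no infected host, which is the indirect relation the description mentions.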

Description

Technical field

[0001] The invention relates to the technical field of the Internet, in particular to a method and device for analyzing a zombie community.

Background technique

[0002] A botnet is a network formed by using one or more means of propagation to infect a large number of hosts with zombie programs (bot programs), thus creating a one-to-many control relationship between the controller and the infected hosts (zombies, or bots). It is often used by hackers to launch large-scale network attacks, such as distributed denial-of-service (DDoS) attacks and mass spam. Hackers can control all information on these infected hosts, such as bank accounts and passwords.

[0003] A bot community refers to a group of botnets that are directly or indirectly related. A bot community may be controlled by one or several hacker organizations engaged in underground economic activities on the Internet, such as: hired by a website to use the bot community to carry out DDoS attacks on comp...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L29/06
Inventor: 汤泰鼎, 李雪莹
Owner: BEIJING TOPSEC SOFTWARE