Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Spam botnet host detection method and device

A spam and zombie host technology, applied in the field of spam zombie host detection, can solve the problem that the source of spam cannot be fundamentally eliminated

Active Publication Date: 2014-08-06
HARBIN UNIV OF SCI & TECH
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Traditional detection methods mostly classify spam from the perspective of mail recipients, and cannot fundamentally eliminate the source of spam

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Spam botnet host detection method and device
  • Spam botnet host detection method and device
  • Spam botnet host detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0064] Such as figure 1 As shown, the present invention provides a spam zombie host detection method, including a training phase and a detection phase:

[0065] The training phase comprises the steps of:

[0066] S1. Estimate the Gaussian model parameters of normal hosts and spam zombie hosts by the method of sequential probability ratio, establish the Gaussian models of normal hosts and spam zombie hosts respectively, and calculate the threshold value of the Gaussian model;

[0067] The detection phase comprises the steps of:

[0068] S2. Detect the mail sent by the host to be detected by the spam classifier, and obtain the detection score;

[0069] S3. Perform normalization processing on the detection score, and adjust the detection score within the interval [0,1];

[0070] S4. Based on the adjusted detection score, calculate the statistics of the spam zombie host through the Gaussian model established in step S1, and compare the statistics with the threshold value to det...

Embodiment 2

[0129] Such as Figure 5 As shown, the present invention also provides a spam zombie detection device, comprising the following modules,

[0130] Training module: estimate the Gaussian model parameters of normal hosts and spam zombie hosts by sequential probability ratio method, respectively establish the Gaussian models of normal hosts and spam zombie hosts, and calculate the threshold value of the Gaussian model;

[0131] Detection module: use the spam classifier to detect the mail sent by the host to be detected, and obtain the detection score; carry out normalization processing on the detection score, and adjust the detection score in the [0,1] interval; based on the adjusted The detection score of the spam zombie host is calculated by the Gaussian model established in step S1, and the statistics are compared with the threshold value to determine whether the host to be detected is a spam zombie host.

[0132] Such as Figure 6 Shown is a schematic diagram of a spam zombi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a spam botnet host detection method and device and relates to the field of computer network security. The method includes a training phase and a detecting phase: S1, estimating Gaussian model parameters of a normal host and a spam botnet host by means of a sequential probability ratio method, establishing Gaussian models, and calculating thresholds of the Gaussian models; S2, detecting mails that a host to be detected send out, by a spam sorter so as to obtain detection scores; S3, normalizing the detection scores and adjusting the detection scores in a (0, 1) range; S4, on the basis of the adjusted detection scores, calculating a statistic of the spam botnet host by the Gaussian models established in the step S1, comparing the statistic with the thresholds, and judging whether or not the host to be detected is the spam botnet host or not. The botnet host which transmits spams is detected, an origin of transmitting the spams can be cut off, and substantially, fewer spams are transmitted.

Description

technical field [0001] The invention relates to the field of computer network security, in particular to a method and device for detecting spam zombie hosts. Background technique [0002] E-mail has become an important way of people's daily communication, which brings convenience to people's life. However, driven by commercial interests and other factors, the increasing flood of spam also came into being, causing serious harm. On the one hand, the generation and transmission of spam takes up a lot of network resources, causing network congestion and waste of resources; Life. According to a recent survey report released by the Anti-Spam Center of the Internet Society of China, users receive an average of 16.71 spam emails per week, accounting for 84% of the total number of emails; this shows that the proliferation of spam emails is already very serious. Although some anti-spam technologies or products have appeared one after another, 45.29% of enterprise users think that t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/58
Inventor 孙广路何勇军马英财杨赫刘广明
Owner HARBIN UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com