Botnet network discovery technology and apparatus

A kind of botnet, technology, applied in the field of monitoring network virus to achieve the effect of ensuring the security of use

Inactive Publication Date: 2016-04-20
睿峰网云(北京)科技有限公司
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The reason why the name botnet is used is to make people realize the characteristics of this kind of hazard more vividly: numerous computers are unknowingly driven and commanded by people just li

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Botnet network discovery technology and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention belong to the protection scope of the present invention.

[0024] like figure 1 Shown, according to the embodiment of the present invention described

[0025] A botnet discovery technique, comprising the steps of:

[0026] Capture the OSI seven-layer network information traffic of each network device in the same network topology through the existing packet capture tool, and use the data generation device to generate traffic data from the captured network traffic;

[0027] According to the network segment information of the IP address in the generat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a botnet network discovery technology which comprises the following steps of: capturing network information traffic and generating traffic data; according to network segment information and VLAN (Virtual Local Area Network) partitioning information of an IP (Internet Protocol) address in the generated network data and behavior analysis of related data, partitioning a network device into a corresponding network organizational chart, and according to the network organizational chart, generating a network traffic model graph; according to the network traffic model graph and an access behavior of a device, carrying out comparison; and moreover, according to a comparison condition, judging a suspicious access source. The botnet network discovery technology has the beneficial effects that: a data traffic model is generated by capturing network information; moreover, traffic comparison is carried out by utilizing device information accessed by the data traffic model so as to judge safety of the access device; the related suspicious access source of the suspicious access device can be found; and use safety of the network device is ensured.

Description

technical field [0001] The invention relates to a method for monitoring network viruses, in particular to a botnet discovery technology and device. Background technique [0002] Botnet refers to the use of one or more means of transmission to infect a large number of hosts with bot program (bot program) viruses, thereby forming a one-to-many controllable network between the controller and the infected hosts. Attackers spread bots in various ways to infect a large number of hosts on the Internet, and the infected hosts will receive instructions from attackers through a control channel to form a botnet. The reason why the name botnet is used is to make people realize the characteristics of this kind of hazard more vividly: numerous computers are unknowingly driven and commanded by people just like the zombie swarm in ancient Chinese legends, and they become human beings. However, there is currently no technology that can effectively monitor the invasion of zombie viruses. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L2463/144
Inventor 沈能辉
Owner 睿峰网云(北京)科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap