Malware detection visualization method and system based on malicious network traffic lexicon

A technology for network traffic and malware, applied in instrumentation, computing, electrical digital data processing, etc., can solve problems such as user transparency

Active Publication Date: 2019-05-14
UNIV OF JINAN

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to solve the above problems by providing a malware detection visualization method and system based on a malicious network traffic lexicon, which fully solves the problem of the transparency of the malicious traffic detection process to the user.

Examples


Embodiment Construction

[0101] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0102] The present invention can meet the following basic requirements:

[0103] (1) A malicious network traffic lexicon is established, which can be applied to malware detection methods.

[0104] (2) Using the self-built malicious network traffic lexicon, combined with machine learning methods, a detection model is established.

[0105] (3) Visually display the malicious words in the network traffic generated by the predicted malicious app, and display the importance of each word in the malicious traffic in an intuitive form.

[0106] As shown in Figure 1, the malware detection result visualization method based on the malicious network traffic lexicon includes the following steps:

[0107] Step 100, a malicious network traffic lexicon building module. Through this module, a lexicon of malicious network traffic can be obtained...


Abstract

The invention discloses a malware detection visualization method and system based on a malicious network traffic lexicon. The method includes the following steps: the content of HTTP network traffic is split into words and a malicious network traffic lexicon is established; a malware detection model is trained; the content of the HTTP network traffic to be detected is split into a word set; the word set is vectorized using the obtained lexicon; the word vector is input into the trained malware detection model, which computes the detection result; if the HTTP network traffic to be detected is predicted to be malicious, the source app of that traffic is found and marked as a malicious app; the weights of the words in the malicious network traffic are calculated; and the content of the malicious network traffic is visualized. The advantage of the method and system is that the problem of the transparency of the malicious traffic detection process to users is fully solved.
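The pipeline the abstract describes, as an added sketch that is not the patent's own code: the lexicon selection rule, the log-odds scoring model, the threshold, and all sample flows and app names are assumptions constructed for illustration.

```python
import math
import re

# Constructed training flows (not from the patent): (HTTP request text, label), 1 = malicious.
TRAIN = [
    ("GET /ads/track?imei=123&imsi=456 HTTP/1.1 Host: stat.example", 1),
    ("POST /upload?imei=999&sms=1 HTTP/1.1 Host: c2.example", 1),
    ("GET /news/index.html HTTP/1.1 Host: news.example", 0),
    ("GET /img/logo.png HTTP/1.1 Host: cdn.example", 0),
]

def split_words(flow):
    """Word splitting: cut on non-alphanumerics, drop pure numbers, return the word set."""
    return {w for w in re.split(r"[^a-z0-9]+", flow.lower()) if w and not w.isdigit()}

def doc_freq(flows, label):
    """Number of flows of the given class in which each word occurs."""
    df = {}
    for text, y in flows:
        if y == label:
            for w in split_words(text):
                df[w] = df.get(w, 0) + 1
    return df

def build_lexicon(flows):
    """Assumed selection rule: keep words seen in more malicious than benign flows."""
    mal, ben = doc_freq(flows, 1), doc_freq(flows, 0)
    return sorted(w for w in mal if mal[w] > ben.get(w, 0))

def train(flows, lexicon):
    """Stand-in model: smoothed per-word log-odds of malicious vs benign presence."""
    mal, ben = doc_freq(flows, 1), doc_freq(flows, 0)
    n_mal = sum(y for _, y in flows)
    n_ben = len(flows) - n_mal
    return {w: math.log((mal.get(w, 0) + 1) / (n_mal + 2))
               - math.log((ben.get(w, 0) + 1) / (n_ben + 2)) for w in lexicon}

def detect(flow, lexicon, model, threshold=1.0):
    """Vectorize against the lexicon, score, and return the per-word weights to display."""
    words = split_words(flow)
    vector = [1 if w in words else 0 for w in lexicon]
    weights = {w: model[w] for w, x in zip(lexicon, vector) if x}
    ranked = sorted(weights.items(), key=lambda kv: (-kv[1], kv[0]))
    return sum(weights.values()) > threshold, ranked

def malicious_apps(app_flows, lexicon, model):
    """Mark the source app of every flow predicted malicious."""
    return sorted({app for app, flow in app_flows if detect(flow, lexicon, model)[0]})
```

The ranked `(word, weight)` pairs returned by `detect` are what a front end would render, for example as a word cloud or bar chart, so the user can see which words drove the verdict.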

Description

Technical field

[0001] The invention relates to a malicious software detection and visualization method and system based on a malicious network traffic lexicon.

Background technique

[0002] Today, Android malware is rampant, and malicious applications that cause various harms to users emerge in an endless stream. At present, the detection of malicious applications is mainly divided into three main directions. The first is based on static code scanning. It needs to maintain a malicious code library, because it compares all the codes of the application to be detected with the malicious code fragments in the malicious library, and once the comparison is successful, the application is considered as a malicious application. The second is an approach based on dynamic system calls. It goes deep into the interior of the Android application and observes the function calls of the application at runtime. The third is a detection method based on network traffic, which considers the...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/56
CPC: G06F21/563
Inventor: 陈贞翔, 王闪闪, 杨波, 孙润元, 荆山, 马坤
Owner: UNIV OF JINAN