Host-oriented suspicious network connection identification method
A network connection and identification method technology, which is applied in the field of suspicious network connection identification, and can solve problems such as false positives
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Examples
Example Embodiment
[0015] Example:
[0016] A host-oriented method for identifying suspicious network connections, which utilizes the characteristics of various types of abnormal network connections in the attack process of APT attacks, and these suspicious network connections are different from the normal network connections related to the normal business of the host. By adopting the clustering method, it is easy to distinguish suspicious network connections related to APT attacks from normal network connections related to normal services of the host, so as to detect various suspicious network connections related to APT attacks, which can be used for subsequent APT attacks. The continuous tracking provided an important breakthrough.
[0017] A host-oriented method for identifying suspicious network connections includes the following steps:
[0018] A) determine each network connection feature used to realize network connection type clustering, and construct a network connection multidimensiona...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap