Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

A detection method and device for malicious detection behavior

A behavioral and malicious technology, applied in the computer field, can solve problems such as poor detection results, false positives, and computer infection with Trojan horse viruses

Active Publication Date: 2021-01-05
TENCENT TECH (SHENZHEN) CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among them, malicious detection behaviors are often used in various fraudulent, counterfeiting, phishing or hanging horse webpages. When users accidentally access such webpages, it may cause economic losses to users, leakage of personal privacy information, or infection of current computers. Adverse effects such as Trojan horse virus
[0004] In the prior art, the detection of malicious detection behavior mainly depends on the statistics of the total number of visits to the destination URL and the judgment of the threshold. Access requests are also mixed with malicious detection behavior, which can cause a large number of false positives
If the threshold is set too small, a large number of false positives will be generated. If the threshold is set too large, malicious detection behaviors cannot be effectively detected. Therefore, the detection scheme of malicious detection behaviors provided by the prior art has the problem of poor detection effect.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A detection method and device for malicious detection behavior
  • A detection method and device for malicious detection behavior
  • A detection method and device for malicious detection behavior

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] Embodiments of the present invention provide a detection method and device for malicious detection behaviors, which are used to effectively solve the detection problem of malicious detection behaviors and improve the detection effect of malicious detection behaviors.

[0034] In order to make the purpose, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the following The described embodiments are only some, not all, embodiments of the present invention. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention belong to the protection scope of the present invention.

[0035] The terms "comprising" and "having" in the description and claims of the present invention and the ab...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a method and a device for detecting a malicious detection behavior, which can improve the detection result of the malicious detection behavior. In the method,a detection behavior set sent to a network server by a client is obtained; it is judged whether each to-be-detected uniform resource locator URL is the same as a non-malicious URL portrait in a non-malicious URL portrait set, respectively; if the to-be-detected URL is the same as the non-malicious URL portrait in the non-malicious URL portrait set, it is determined that offset does not exist in the to-be-detected URL and the non-malicious URL portrait set; the number of the to-be-detected URLs which with the non-malicious URL portrait set are offset is subjected to summation calculation, andthe total offset amount of the client within a detection period of time is obtained; and when the total offset amount exceeds an offset threshold, the client is determined to execute the malicious detection behavior.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a detection method and device for malicious detection behavior. Background technique [0002] With the rapid development of Internet technology, users' operations on the Internet will become more and more frequent. At the same time, some malicious elements develop automatic access programs to perform malicious acts on the Internet, such as cracking the password Identification of spam and property theft, etc., so it is necessary to effectively detect malicious behavior. [0003] At present, network (web) scanning detection is a common method for hackers to further intrude after entering the intranet. For example, obtain the Uniform Resource Locator (Uniform Resource Locator, URL) resource tree through crawlers, or detect that the management background of the network server is a hacker The common method of stepping on the site, the current method of detecting malicious detection...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L63/1441
Inventor 马立伟王月强李志豪张刚王朝飞
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products