Malware detection method based on HTTP behavior graph
A malware and detection method technology, applied in the field of network security, can solve the problems of poor classification effect and difficulty in distinguishing normal software and malware, and achieve the effect of good classification effect and high classification accuracy
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0055] Example 1
[0056] A method for detecting malware based on an HTTP behavior graph provided by a preferred embodiment of the present invention includes the following steps:
[0057] Step 1: Collect HTTP traffic generated by malware and benign software;
[0058] Step 1.1: Use cuckoo to build a sandbox to simulate the real use environment of the software;
[0059] Step 1.2: Put the collected malware and benign software into the sandbox in turn, and collect the traffic generated by the malware and benign software;
[0060] Step 1.3: Enter the collected website of Alexatop10000 into the sandbox, and sequentially collect the website traffic of Alexatop10000 as a supplement to benign data;
[0061] Step 2: Use the collected traffic to build a behavior tree diagram corresponding to HTTP, such as figure 2 As shown, each tree of the behavior tree represents the HTTP behavior activity of the client in the sandbox, and the behavior tree includes a root node, child nodes and edg...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap