Zombie network discovery method based on non-parameter statistics

A botnet and discovery method technology, applied in transmission systems, electrical components, etc., can solve problems such as not being able to reflect dynamics well, difficult to extract target subnets, insufficient to accurately detect botnets, etc. Effect

Active Publication Date: 2019-06-14
BEIHANG UNIV
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The detection of botnets is very important, however, the increasing number of members in P2P structured botnets makes the extraction of target subnets more difficult
Traditional statistical methods alone (e.g. P2P-related network characteristics such as peer churn rate, traffic, etc.; or characteristics at the node or edge level, such as number of neighbors, type of protocol used, connection duration, etc., may not be sufficient to accurately detect bots network, and cannot reflect the dynamics of the entire graph well

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Zombie network discovery method based on non-parameter statistics
  • Zombie network discovery method based on non-parameter statistics
  • Zombie network discovery method based on non-parameter statistics

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0010] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below may be combined with each other as long as they do not constitute a conflict with each other.

[0011] The invention proposes a brand-new and efficient method for discovering botnets based on non-parametric statistics. The method mainly includes the following steps: Step 1, establish a non-parametric scanning statistical model; Step 2, tree prior, approximate the graph data to a tree form that is easy to handle, and the device will use breadth-first search tree, random scan spanning tree ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A zombie network discovery method based on non-parameter statistics comprises the following steps: step 1, establishing a non-parameter scanning statistics model; step 2, tree priori: graph structuredata are approximated into a tree structure form convenient to process, and the tree structure adopted by the approximation mode comprises a width-first search tree, a random scanning spanning tree and a Steiner tree; and step 3, discovering the zombie network through multilayer dynamic programming based on tree priori.

Description

technical field [0001] The invention relates to a network security technology, and mainly relates to a botnet discovery method based on non-parameter statistics. Background technique [0002] In the field of network security, botnets have become a very common threat. Thousands of compromised hosts were programmed into botnets controlled by the attackers through command and control channels. Botnets have enabled cybercrime, including distributed denial-of-service (DDoS) attacks, spam, identity theft, and more. Since bot masters rely on C&C channels to command attacked machines and receive messages from bots, C&C channels serve as a key element of the botnet. [0003] Common structures of C&C channels include centralized architectures and P2P structures. In a centralized structure, all bots connect to one or a very limited server owned by the attacker. However, such an infrastructure introduces a potential disadvantage, a single point of failure. To overcome this weakness...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 李建欣邵明来张帅常悦邰振赢
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap