
Zombie network control node detection method and device

A botnet control node detection technology, applied in the field of computer applications, that addresses the problems of long time consumption, low accuracy, and the inability to completely obtain botnet control nodes, and achieves the effect of improving scanning efficiency and detection efficiency.

Active Publication Date: 2019-07-02
HARBIN ANTIY TECH

AI Technical Summary

Problems solved by technology

Extracting botnet control nodes from samples is a relatively fast approach. However, since VirusTotal cannot ensure that the latest samples of the same family are completely captured, the latest botnet control nodes cannot be fully obtained, and general network control node detection methods are time-consuming and have low accuracy.


Embodiment Construction

[0026] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0027] The method and device for detecting a botnet control node according to an embodiment of the present invention will be described below with reference to the accompanying drawings. First, the method for detecting a botnet control node according to an embodiment of the present invention will be described with reference to the accompanying drawings.

[0028] Figure 1 is a flow chart of the method for detecting a botnet control node according to an embodiment of the present invention.

[0029] As shown in Figure 1, the detect...


Abstract

The invention discloses a botnet control node detection method and device. The method comprises the steps of: generating high-frequency network segments from the IPs of current botnet control nodes, so as to rapidly locate suspicious network control nodes; obtaining an initial suspicious network control node set according to the current port state of the IPs in the high-frequency network segments, and obtaining a suspicious network control node list using a preset common port list; filtering the suspicious network control node list to obtain a highly suspicious network control node list; performing matching and protocol detection according to the highly suspicious network control node list and the port lists of the botnet families; performing protocol verification on the highly suspicious network control nodes in that list according to the classification result; and obtaining the network control nodes of the corresponding botnet family according to the family protocol. The method accelerates automatic active analysis and detection of botnet control nodes, detects more unknown botnet control nodes, and improves both detection efficiency and scanning efficiency.
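The triage stages of the abstract, as an added example that is not code from the patent or its authors: it works offline on port state that has already been collected. The /24 prefix, the `min_hits` threshold, the rule that drops hosts exposing only common ports, the family names, and all addresses and ports (constructed, from documentation ranges) are assumptions.

```python
import ipaddress
from collections import Counter

# Constructed sample data using documentation address ranges, not real indicators.
KNOWN_C2 = ["198.51.100.7", "198.51.100.23", "198.51.100.90",
            "203.0.113.5", "203.0.113.77", "192.0.2.14"]
# Constructed port state, as if already collected for the hosts listed.
OPEN_PORTS = {"198.51.100.41": {80, 443}, "198.51.100.58": {22, 6667},
              "198.51.100.99": {443, 8443, 48101}, "203.0.113.9": {23, 1991},
              "203.0.113.60": set(), "192.0.2.80": {6667}}
COMMON_PORTS = {22, 80, 443, 8443}  # assumed preset common port list
FAMILY_PORTS = {"family_a": {6667, 48101}, "family_b": {1991}}  # hypothetical

def high_frequency_segments(c2_ips, prefix=24, min_hits=2):
    """Segments holding at least min_hits known control nodes, busiest first."""
    counts = Counter(ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
                     for ip in c2_ips)
    return [net for net, hits in counts.most_common() if hits >= min_hits]

def suspicious_nodes(segments, open_ports, known):
    """Hosts inside a high-frequency segment with an open port, not yet known."""
    return sorted(ip for ip, ports in open_ports.items()
                  if ports and ip not in known
                  and any(ipaddress.ip_address(ip) in net for net in segments))

def highly_suspicious(nodes, open_ports, common_ports):
    """Assumed filter: drop hosts that expose only common service ports."""
    return [ip for ip in nodes if open_ports[ip] - common_ports]

def classify(nodes, open_ports, family_ports):
    """Map each host to the families whose port list it matches."""
    result = {}
    for ip in nodes:
        families = sorted(f for f, p in family_ports.items() if open_ports[ip] & p)
        if families:
            result[ip] = families  # candidates for per-family protocol verification
    return result

def pipeline():
    """Run all stages on the constructed data above."""
    segments = high_frequency_segments(KNOWN_C2)
    nodes = suspicious_nodes(segments, OPEN_PORTS, set(KNOWN_C2))
    return classify(highly_suspicious(nodes, OPEN_PORTS, COMMON_PORTS),
                    OPEN_PORTS, FAMILY_PORTS)

if __name__ == "__main__":
    print(pipeline())
```

A port match only nominates a host for a family; the protocol verification step in the abstract is what confirms it.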

Description

Technical field

[0001] The invention relates to the field of computer application technology, in particular to a detection method and device for a botnet control node.

Background technique

[0002] Three steps are required to realize an automated botnet monitoring process. First, family identification and reverse analysis of the family communication protocols; second, automated monitoring and protocol analysis scripts; finally, batch input of botnet control nodes for batch automated monitoring. After the first two steps are completed, more active botnet control nodes need to be input to realize intensive monitoring of single-family botnets and generate more monitoring data.

[0003] Botnet control nodes can be obtained by retrieving detected samples through VirusTotal and extracting the nodes from those samples. Extracting botnet control nodes from samples is a relatively fast approach. However, since VirusTotal cannot ensure that the latest samples of the same family can be completely captured, it is impossible ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/145, H04L63/1408, H04L63/0245, H04L2463/144
Inventor: 康学斌, 黄云宇, 李珍玲, 王小丰, 肖新光
Owner HARBIN ANTIY TECH