
A traffic-based self-feedback malware monitoring system and method

A self-feedback malware monitoring technology, applied in the field of transmission systems, electrical components, etc., that addresses the problems of limited detection range and low adaptability to accuracy changes, with the effects of reducing workload, ensuring continuous learning, and improving system efficiency.

Active Publication Date: 2021-08-03
SHANGHAI JIAOTONG UNIV

AI Technical Summary

Problems solved by technology

[0005] The technical problem to be solved by the present invention is that current malware detection methods still suffer from limited detection range, low accuracy, and low adaptability to change.



Examples


Embodiment Construction

[0044] The following describes several preferred embodiments of the present invention with reference to the accompanying drawings to make the technical content clearer and easier to understand. The present invention can be embodied in many different forms of embodiments, and the protection scope of the present invention is not limited to the embodiments mentioned herein.

[0045] As shown in Figure 1, the traffic-based self-feedback malware monitoring system provided by the present invention includes four modules: a data preprocessing module, a detection analysis module, a pre-training module and a feedback training module. The system first adjusts the convolutional neural network detection model through the pre-training module, takes the network traffic captured at the gateway as input, and after filtering, reorganizing, analyzing and detecting, uses the source IP, destination IP, User-Agent (i.e., UA), and port number in the form of a quadruple to give the fin...



Abstract

The invention discloses a traffic-based self-feedback malware monitoring system and method, comprising the following steps: step 1, acquire HTTP traffic and filter out the HTTP traffic of benign domain names; step 2, clean the traffic and filter out the HTTP traffic originating from browsers; step 3, compare the traffic with the fingerprint feature database and identify matches directly; step 4, apply stream processing to the HTTP traffic that cannot be identified and cluster the flows; step 5, perform detection analysis; step 6, verify the detection results, and calculate and monitor the false positive rate; step 7, when the false positive rate exceeds the set threshold, perform feedback training and adjust the model; step 8, execute steps 1 to 7 cyclically. The invention can monitor malware efficiently, adapts to a constantly changing traffic environment, and can cope with the way malware currently changes and develops.
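The following sketch walks one batch through steps 1 to 7 of the abstract. It is an added example, not the patent's implementation: `detect` is a trivial stand-in for the convolutional neural network detector, and the allowlist, browser tokens, fingerprint set, clustering key (UA plus host), threshold value, sample flows and the choice of FP / (FP + TN) as the false positive rate are all assumptions made for illustration.

```python
from collections import defaultdict

# Every value below is constructed for illustration; none comes from the patent.
BENIGN_DOMAINS = {"update.example.com"}        # step 1 allowlist
BROWSER_TOKENS = ("Mozilla/", "Chrome/")       # step 2 browser heuristic
FINGERPRINTS = {"EvilBot/1.0"}                 # step 3 fingerprint database (by UA)
FPR_THRESHOLD = 0.25                           # step 7 trigger level

def detect(ua):
    """Stand-in for the CNN detector: flag UAs lacking a product/version form."""
    return "/" not in ua

def run_cycle(flows, truth):
    """Steps 1-7 for one batch; returns (alerts, fpr, retrain_needed)."""
    alerts, clusters = [], defaultdict(list)
    for f in flows:
        quad = (f["src"], f["dst"], f["ua"], f["port"])   # reporting quadruple
        if f["host"] in BENIGN_DOMAINS:                   # step 1
            continue
        if any(t in f["ua"] for t in BROWSER_TOKENS):     # step 2
            continue
        if f["ua"] in FINGERPRINTS:                       # step 3
            alerts.append(quad)
            continue
        clusters[(f["ua"], f["host"])].append(quad)       # step 4
    fp = tn = 0
    for (ua, _host), quads in clusters.items():           # step 5
        flagged = detect(ua)
        for q in quads:
            if flagged:
                alerts.append(q)
            if not truth[q]:                              # step 6: verified benign
                fp += flagged
                tn += not flagged
    fpr = fp / (fp + tn) if fp + tn else 0.0
    return alerts, fpr, fpr > FPR_THRESHOLD               # step 7

def _flow(src, dst, host, ua, port=80):
    return {"src": src, "dst": dst, "host": host, "ua": ua, "port": port}

SAMPLE_FLOWS = [
    _flow("192.0.2.10", "198.51.100.1", "update.example.com", "Updater/2.1"),
    _flow("192.0.2.11", "198.51.100.2", "news.example.org", "Mozilla/5.0 (X11)"),
    _flow("192.0.2.12", "203.0.113.5", "c2.example.net", "EvilBot/1.0"),
    _flow("192.0.2.13", "198.51.100.3", "api.example.org", "backupagent"),
    _flow("192.0.2.14", "198.51.100.4", "cdn.example.org", "curl/8.0"),
    _flow("192.0.2.15", "203.0.113.6", "x.example.net", "xyzloader"),
]
# Verified labels (True = malicious); only flows reaching the detector are looked up.
SAMPLE_TRUTH = {(f["src"], f["dst"], f["ua"], f["port"]):
                f["ua"] in ("xyzloader", "EvilBot/1.0") for f in SAMPLE_FLOWS}
```

Step 8 corresponds to calling `run_cycle` on each new batch and running feedback training whenever the third return value is true.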

Description

Technical field

[0001] The invention relates to the field of computer network security, in particular to a traffic-based self-feedback malware monitoring system and method.

Background art

[0002] Internet security has always been an important issue worldwide. With the rapid development of new network attack methods, Internet security threats keep intensifying. Malware, as one of the major network threats, is likely to expose the entire network system in which it resides to attack and to cause the leakage of sensitive information. This makes the accurate and timely identification and classification of malware in the network system increasingly important.

[0003] For an organization, an insider's negligence and the introduction of malware could end up causing unforeseen damage. How to effectively detect malware across its entire network environment has become a common topic. However, the current main way of malware detection ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/08
CPC: H04L63/0227, H04L63/0236, H04L63/1408, H04L63/1416, H04L63/145, H04L67/02
Inventors: 邹福泰, 王林, 肖佳伟, 刘运卓, 尹凯涛, 吴越
Owner: SHANGHAI JIAOTONG UNIV