Malicious application detection method and device based on network flow, equipment and medium

A malicious application detection technology based on network traffic, applied in computer security devices, instruments, platform integrity maintenance, etc. It addresses problems such as network burden, identification difficulty, and the difficulty of detecting malicious applications online, with the effect of improving efficiency and accuracy and saving network resources.

Active Publication Date: 2021-03-26
BEIJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

Most malicious application detection technologies based on network traffic and machine learning algorithms rely too heavily on features, which may be specific traffic fields, static signatures, or statistical features, and identifying these effective features from network traffic is extremely difficult.
Malicious application detection based on deep neural network, because the model of deep neural network is generally deployed on the terminal side rather than the network side,




Example Embodiment

[0041] In order to make the objects, technical solutions, and advantages of the present disclosure clearer, the present disclosure is described in detail below with reference to the accompanying drawings.

[0042] It should be noted that, unless otherwise defined, the technical or scientific terms used in the embodiments of the present disclosure should be understood in the ordinary sense understood by those of general skill in the art to which the present disclosure belongs. The words "first", "second" and similar terms used in the embodiments of the present disclosure do not represent any order, quantity, or importance, but only distinguish different components. Words such as "include" or "comprise" mean that the element or object appearing before the word covers the elements or objects enumerated after the word, without excluding other elements or objects.

[0043] At present, both the anti-virus product of mobile terminal equipment or the server's software...


Abstract

The invention provides a malicious application detection method and device based on network traffic, equipment and a storage medium. The method comprises the following steps: cleaning network traffic collected by network access equipment according to a predetermined standard to obtain target traffic; identifying, based on the application fingerprint of the target traffic, a target application corresponding to the target traffic; determining a source device corresponding to the target traffic based on the identification flow of the indication address in the target traffic; and extracting a first traffic feature from the target traffic, and determining whether the target application on the source device is a malicious application based on the first traffic feature. According to the malicious application detection method and device, malicious application detection of the whole local area network is achieved from the macroscopic level of the local area network rather than the terminal, without depending on specific traffic fields, static signatures, statistical characteristics and the like, and the malicious application detection efficiency and precision of the whole local area network are improved.

Description

Technical field

[0001] The present disclosure relates to the technical field of malicious application detection, and in particular to malicious application detection based on network traffic.

Background technique

[0002] In order to better protect the personal privacy and property security of mobile terminal users, the detection and identification of malicious applications (Application) is becoming more and more urgent. At present, more research begins to focus on the network traffic generated by malicious applications, and attempts to detect malicious applications from the perspective of network traffic. Among them, most malicious application detection technologies based on network traffic and machine learning algorithms rely too much on features, which may be specific traffic fields, static signatures, and statistical features, and it is extremely difficult to identify these effective features from network traffic. Malicious application detection based on deep neural net...


Application Information

IPC(8): H04L29/06, G06F21/56
CPC: G06F21/566, G06F2221/033, H04L63/1416, H04L63/1425
Inventor: 张淼, 徐国爱, 郭燕慧, 徐国胜, 王俊森
Owner: BEIJING UNIV OF POSTS & TELECOMM