CN101588276A - Method and device for detecting a botnet - Google Patents
Method and device for detecting a botnet
- Publication number
- CN101588276A
- Authority
- CN
- China
- Prior art keywords
- data message
- main frame
- executable program
- access request
- safety analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/144—Detection or countermeasures against botnets
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Claims (10)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910142292A CN101588276B (zh) | 2009-06-29 | 2009-06-29 | Method and device for detecting a botnet |
PCT/CN2010/074611 WO2011000297A1 (zh) | 2009-06-29 | 2010-06-28 | Method and device for detecting a botnet |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910142292A CN101588276B (zh) | 2009-06-29 | 2009-06-29 | Method and device for detecting a botnet |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101588276A (zh) | 2009-11-25 |
CN101588276B (zh) | 2012-09-19 |
Family
ID=41372350
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200910142292A Active CN101588276B (zh) | Method and device for detecting a botnet | 2009-06-29 | 2009-06-29 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN101588276B (zh) |
WO (1) | WO2011000297A1 (zh) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
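CN101924754A (zh) * | 2010-07-15 | 2010-12-22 | National Computer Network and Information Security Management Center | Method and device for actively discovering a malicious code control end |
WO2011047600A1 (zh) * | 2009-10-20 | 2011-04-28 | Chengdu Huawei Symantec Technologies Co., Ltd. | Botnet detection method, device and system |
CN102571487A (zh) * | 2011-12-20 | 2012-07-11 | Southeast University | Distributed botnet scale measurement and tracking method based on multiple data sources |
CN101741862B (zh) * | 2010-01-22 | 2012-07-18 | Xi'an Jiaotong University | IRC botnet detection system and detection method based on packet sequence features |
CN104796386A (zh) * | 2014-01-21 | 2015-07-22 | Tencent Technology (Shenzhen) Co., Ltd. | Method, device and system for detecting a botnet |
CN106973051A (zh) * | 2017-03-27 | 2017-07-21 | Hillstone Networks Communication Technology Co., Ltd. | Method, device, storage medium and processor for establishing a network threat detection model |
CN110602104A (zh) * | 2019-09-17 | 2019-12-20 | Beijing Dingniu Technology Co., Ltd. | Method and device for preventing public cloud disks from being maliciously exploited by botnets |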
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
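JP2008306610A (ja) * | 2007-06-11 | 2008-12-18 | Hitachi Ltd | Unauthorized intrusion and unauthorized software investigation system, and communication distribution device |
CN101404658B (zh) * | 2008-10-31 | 2011-11-16 | Beijing Ruian Technology Co., Ltd. | Method and system for detecting a botnet |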
- 2009-06-29: CN application CN200910142292A, patent CN101588276B, status: Active
- 2010-06-28: WO application PCT/CN2010/074611, publication WO2011000297A1, status: Application Filing
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8904532B2 (en) | 2009-10-20 | 2014-12-02 | Chengdu Huawei Symantec Technologies Co., Ltd. | Method, apparatus and system for detecting botnet |
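WO2011047600A1 (zh) * | 2009-10-20 | 2011-04-28 | Chengdu Huawei Symantec Technologies Co., Ltd. | Botnet detection method, device and system |
CN101741862B (zh) * | 2010-01-22 | 2012-07-18 | Xi'an Jiaotong University | IRC botnet detection system and detection method based on packet sequence features |
CN101924754A (zh) * | 2010-07-15 | 2010-12-22 | National Computer Network and Information Security Management Center | Method and device for actively discovering a malicious code control end |
CN101924754B (zh) * | 2010-07-15 | 2013-07-31 | National Computer Network and Information Security Management Center | Method and device for actively discovering a malicious code control end |
CN102571487B (zh) * | 2011-12-20 | 2014-05-07 | Southeast University | Distributed botnet scale measurement and tracking method based on multiple data sources |
CN102571487A (zh) * | 2011-12-20 | 2012-07-11 | Southeast University | Distributed botnet scale measurement and tracking method based on multiple data sources |
CN104796386A (zh) * | 2014-01-21 | 2015-07-22 | Tencent Technology (Shenzhen) Co., Ltd. | Method, device and system for detecting a botnet |
CN104796386B (zh) * | 2014-01-21 | 2020-02-11 | Tencent Technology (Shenzhen) Co., Ltd. | Method, device and system for detecting a botnet |
CN106973051A (zh) * | 2017-03-27 | 2017-07-21 | Hillstone Networks Communication Technology Co., Ltd. | Method, device, storage medium and processor for establishing a network threat detection model |
CN106973051B (zh) * | 2017-03-27 | 2019-11-19 | Hillstone Networks Communication Technology Joint Stock Co., Ltd. | Method, device and storage medium for establishing a network threat detection model |
CN110602104A (zh) * | 2019-09-17 | 2019-12-20 | Beijing Dingniu Technology Co., Ltd. | Method and device for preventing public cloud disks from being maliciously exploited by botnets |
CN110602104B (zh) * | 2019-09-17 | 2022-02-18 | Beijing Dingniu Technology Co., Ltd. | Method and device for preventing public cloud disks from being maliciously exploited by botnets |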
Also Published As
Publication number | Publication date |
---|---|
CN101588276B (zh) | 2012-09-19 |
WO2011000297A1 (zh) | 2011-01-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110677408B (zh) | Attack information processing method and device, storage medium and electronic device | |
US9680850B2 (en) | Identifying bots | |
KR101689299B1 (ko) | Method and apparatus for automatic verification of security events | |
CN110730175B (zh) | Botnet detection method and detection system based on threat intelligence | |
Kumar et al. | Machine learning classification model for network based intrusion detection system | |
Patil et al. | Survey on malicious web pages detection techniques | |
Garg et al. | Network-based detection of Android malicious apps | |
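CN105915532B (zh) | Method and device for identifying a compromised host | |
CN111818103B (zh) | Traffic-based attack path tracing method in a cyber range | |
CN101588276B (zh) | Method and device for detecting a botnet | |
CN102833240A (zh) | Malicious code capture method and system | |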
Gupta et al. | Exploitation of cross-site scripting (XSS) vulnerability on real world web applications and its defense | |
Grill et al. | Malware detection using http user-agent discrepancy identification | |
Grégio et al. | Ontology for malware behavior: A core model proposal | |
Alzahrani et al. | Real-time signature-based detection approach for sms botnet | |
Bocchi et al. | MAGMA network behavior classifier for malware traffic | |
Sahingoz et al. | Phishing detection from urls by using neural networks | |
CN104113525A (zh) | Method and device for defending against resource-consumption Web attacks | |
Karthikeyan et al. | Honeypots for network security | |
CN108737332A (zh) | Machine-learning-based man-in-the-middle attack prediction method | |
Priya et al. | A static approach to detect drive-by-download attacks on webpages | |
Zhao et al. | Network security model based on active defense and passive defense hybrid strategy | |
Hatada et al. | Finding new varieties of malware with the classification of network behavior | |
Zhang et al. | Error-sensor: mining information from HTTP error traffic for malware intelligence | |
Obied et al. | Fraudulent and malicious sites on the web |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD. Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD. |
CP01 | Change in the name or title of a patent holder | Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee after: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd. Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River Patentee before: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES Co.,Ltd. |
TR01 | Transfer of patent right | Effective date of registration: 20220824 Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee after: HUAWEI TECHNOLOGIES Co.,Ltd. Address before: 611731 Qingshui River District, Chengdu hi tech Zone, Sichuan, China Patentee before: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd. |
TR01 | Transfer of patent right |