CN102984177A - 一种识别远控木马的方法及其装置 - Google Patents
一种识别远控木马的方法及其装置 Download PDFInfo
- Publication number
- CN102984177A CN102984177A CN2012105679170A CN201210567917A CN102984177A CN 102984177 A CN102984177 A CN 102984177A CN 2012105679170 A CN2012105679170 A CN 2012105679170A CN 201210567917 A CN201210567917 A CN 201210567917A CN 102984177 A CN102984177 A CN 102984177A
- Authority
- CN
- China
- Prior art keywords
- domain name
- ddns
- module
- networking
- wooden horse
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 18
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 title abstract 5
- 230000006855 networking Effects 0.000 claims abstract description 27
- 238000004891 communication Methods 0.000 claims abstract description 16
- 230000008878 coupling Effects 0.000 claims description 14
- 238000010168 coupling process Methods 0.000 claims description 14
- 238000005859 coupling reaction Methods 0.000 claims description 14
- 238000001514 detection method Methods 0.000 claims description 12
- 241000700605 Viruses Species 0.000 abstract description 3
- 238000012544 monitoring process Methods 0.000 abstract description 3
- 230000006870 function Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 230000006378 damage Effects 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Images
Abstract
Description
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210567917.0A CN102984177B (zh) | 2012-12-24 | 2012-12-24 | 一种识别远控木马的方法及其装置 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210567917.0A CN102984177B (zh) | 2012-12-24 | 2012-12-24 | 一种识别远控木马的方法及其装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102984177A true CN102984177A (zh) | 2013-03-20 |
CN102984177B CN102984177B (zh) | 2016-01-27 |
Family
ID=47857920
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210567917.0A Active CN102984177B (zh) | 2012-12-24 | 2012-12-24 | 一种识别远控木马的方法及其装置 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102984177B (zh) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103873466A (zh) * | 2014-03-04 | 2014-06-18 | 深信服网络科技(深圳)有限公司 | Https网站过滤及阻断告警的方法和装置 |
CN106992992A (zh) * | 2017-05-24 | 2017-07-28 | 南京中孚信息技术有限公司 | 一种基于通信行为的木马检测方法 |
CN107454037A (zh) * | 2016-05-30 | 2017-12-08 | 深圳市深信服电子科技有限公司 | 网络攻击的识别方法和系统 |
CN110311930A (zh) * | 2019-08-01 | 2019-10-08 | 杭州安恒信息技术股份有限公司 | 远控回连行为的识别方法、装置及电子设备 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090320131A1 (en) * | 2008-06-18 | 2009-12-24 | Chiung-Ying Huang | Method and System for Preventing Malicious Communication |
CN102025713A (zh) * | 2010-02-09 | 2011-04-20 | 中国移动通信集团北京有限公司 | 一种访问控制方法、系统及dns服务器 |
US20120042381A1 (en) * | 2010-08-10 | 2012-02-16 | Manos Antonakakis | Method and system for determining whether domain names are legitimate or malicious |
CN102647425A (zh) * | 2012-04-20 | 2012-08-22 | 汉柏科技有限公司 | 防火墙防木马功能的实现方法及系统 |
CN102761458A (zh) * | 2011-12-20 | 2012-10-31 | 北京安天电子设备有限公司 | 一种反弹式木马的检测方法和系统 |
CN102833258A (zh) * | 2012-08-31 | 2012-12-19 | 北京奇虎科技有限公司 | 网址访问方法及系统 |
-
2012
- 2012-12-24 CN CN201210567917.0A patent/CN102984177B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090320131A1 (en) * | 2008-06-18 | 2009-12-24 | Chiung-Ying Huang | Method and System for Preventing Malicious Communication |
CN102025713A (zh) * | 2010-02-09 | 2011-04-20 | 中国移动通信集团北京有限公司 | 一种访问控制方法、系统及dns服务器 |
US20120042381A1 (en) * | 2010-08-10 | 2012-02-16 | Manos Antonakakis | Method and system for determining whether domain names are legitimate or malicious |
CN102761458A (zh) * | 2011-12-20 | 2012-10-31 | 北京安天电子设备有限公司 | 一种反弹式木马的检测方法和系统 |
CN102647425A (zh) * | 2012-04-20 | 2012-08-22 | 汉柏科技有限公司 | 防火墙防木马功能的实现方法及系统 |
CN102833258A (zh) * | 2012-08-31 | 2012-12-19 | 北京奇虎科技有限公司 | 网址访问方法及系统 |
Non-Patent Citations (1)
Title |
---|
左洪艳: "僵尸网络检测系统的研究与设计", 《中国优秀硕士学位论文全文数据库》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103873466A (zh) * | 2014-03-04 | 2014-06-18 | 深信服网络科技(深圳)有限公司 | Https网站过滤及阻断告警的方法和装置 |
CN103873466B (zh) * | 2014-03-04 | 2018-01-19 | 深信服网络科技(深圳)有限公司 | Https网站过滤及阻断告警的方法和装置 |
CN107454037A (zh) * | 2016-05-30 | 2017-12-08 | 深圳市深信服电子科技有限公司 | 网络攻击的识别方法和系统 |
CN107454037B (zh) * | 2016-05-30 | 2020-12-01 | 深信服科技股份有限公司 | 网络攻击的识别方法和系统 |
CN106992992A (zh) * | 2017-05-24 | 2017-07-28 | 南京中孚信息技术有限公司 | 一种基于通信行为的木马检测方法 |
CN106992992B (zh) * | 2017-05-24 | 2020-02-11 | 南京中孚信息技术有限公司 | 一种基于通信行为的木马检测方法 |
CN110311930A (zh) * | 2019-08-01 | 2019-10-08 | 杭州安恒信息技术股份有限公司 | 远控回连行为的识别方法、装置及电子设备 |
Also Published As
Publication number | Publication date |
---|---|
CN102984177B (zh) | 2016-01-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2635273C2 (ru) | Система и метод управления домашним шлюзом с помощью интеллектуального терминала | |
KR102095334B1 (ko) | 로그 정보 생성장치 및 기록매체와 로그 정보 추출장치 및 기록매체 | |
CN103051617A (zh) | 识别程序的网络行为的方法、装置及系统 | |
CN111132120B (zh) | 识别房间局域网中的摄像装置的方法、系统及设备 | |
US10187400B1 (en) | Packet filters in security appliances with modes and intervals | |
EP2439647B1 (en) | Implement method, operation method, and system without installing data card driver | |
TWI571837B (zh) | 用於安全系統存取檢測的方法及系統 | |
US11843621B2 (en) | Behavior based profiling | |
CN102984177A (zh) | 一种识别远控木马的方法及其装置 | |
KR102178305B1 (ko) | IoT 네트워크 접근을 제어하는 보안 시스템 | |
CN103368978A (zh) | 实现智能移动终端应用漏洞和通信安全检测的系统及方法 | |
KR101964148B1 (ko) | 기계 학습 기반으로 이상 행위를 분석하는 유무선 공유기 및 그 방법 | |
US10523763B2 (en) | Communication device, communication method, controlled device, and non-transitory computer readable medium | |
WO2018188470A1 (zh) | 一种上传接口识别方法、识别服务器及系统及存储介质 | |
US8332510B2 (en) | Proxy detection by service processor | |
CN110505116A (zh) | 用电信息采集系统及渗透测试方法、装置、可读存储介质 | |
CN110969740A (zh) | 门禁管理系统对不同类型门禁设备的接入方法及门禁系统 | |
KR102048141B1 (ko) | 신규 정보보안 취약점 선제 대응 시스템 및 방법 | |
CN103067360B (zh) | 程序网络行为识别方法及系统 | |
KR101366622B1 (ko) | 비인가 접근 제어를 위한 노드 식별을 위한 플랫폼 인식장치 | |
KR101491322B1 (ko) | 자기 구성 근거리 네트워크 보안 | |
CN109218275B (zh) | 应用交互方法及装置 | |
US20170251021A1 (en) | System and Method for Communicating with Security Devices within Secure Networks | |
US11374977B2 (en) | Endpoint risk-based network protection | |
KR101872072B1 (ko) | 공유기 보안 침해 점검 방법 및 이를 수행하는 시스템 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
ASS | Succession or assignment of patent right |
Owner name: KINGSOFT CORPORATION LIMITED BEIKE INTERNET (BEIJI Effective date: 20130503 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20130503 Address after: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Applicant after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Applicant after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Applicant after: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Applicant after: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Applicant before: Zhuhai Juntian Electronic Technology Co.,Ltd. |
|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: 519070 Guangdong city of Zhuhai Province town Harbour Road Technology Road No. 10 building six layer 601F Co-patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Co-patentee after: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee after: Beijing Cheetah Network Technology Co.,Ltd. Address before: Jingshan Hill Road, Lane 519015 Lianshan Jida Guangdong province Zhuhai City No. 8 Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. Co-patentee before: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Co-patentee before: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20191125 Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Leopard Technology Co.,Ltd. Address before: 519070, No. 10, main building, No. six, science Road, Harbour Road, Tang Wan Town, Guangdong, Zhuhai, 601F Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. Co-patentee before: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee before: Beijing Cheetah Network Technology Co.,Ltd. |