CN103428223B - 一种木马行为识别方法与系统 - Google Patents
一种木马行为识别方法与系统 Download PDFInfo
- Publication number
- CN103428223B CN103428223B CN201310381668.0A CN201310381668A CN103428223B CN 103428223 B CN103428223 B CN 103428223B CN 201310381668 A CN201310381668 A CN 201310381668A CN 103428223 B CN103428223 B CN 103428223B
- Authority
- CN
- China
- Prior art keywords
- wooden horse
- behavior
- network termination
- network
- state
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 14
- 230000000694 effects Effects 0.000 title description 4
- 239000006185 dispersion Substances 0.000 claims description 15
- 239000002023 wood Substances 0.000 claims description 13
- 230000005540 biological transmission Effects 0.000 claims 1
- 238000007726 management method Methods 0.000 description 5
- 230000003542 behavioural effect Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 230000006855 networking Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000006854 communication Effects 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 238000002513 implantation Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 208000008918 voyeurism Diseases 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
Description
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310381668.0A CN103428223B (zh) | 2013-08-28 | 2013-08-28 | 一种木马行为识别方法与系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310381668.0A CN103428223B (zh) | 2013-08-28 | 2013-08-28 | 一种木马行为识别方法与系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103428223A CN103428223A (zh) | 2013-12-04 |
CN103428223B true CN103428223B (zh) | 2016-08-10 |
Family
ID=49652399
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310381668.0A Active CN103428223B (zh) | 2013-08-28 | 2013-08-28 | 一种木马行为识别方法与系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103428223B (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111046600A (zh) * | 2018-10-11 | 2020-04-21 | 株洲中车时代电气股份有限公司 | 一种动态载荷识别方法 |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100557545C (zh) * | 2004-12-31 | 2009-11-04 | 福建东方微点信息安全有限责任公司 | 一种区分有害程序行为的方法 |
CN100547513C (zh) * | 2005-02-07 | 2009-10-07 | 福建东方微点信息安全有限责任公司 | 基于程序行为分析的计算机防护方法 |
CN102202064B (zh) * | 2011-06-13 | 2013-09-25 | 刘胜利 | 基于网络数据流分析的木马通信行为特征提取方法 |
CN102571796B (zh) * | 2012-01-13 | 2014-07-16 | 电子科技大学 | 一种移动互联网中僵尸木马防护方法及其系统 |
-
2013
- 2013-08-28 CN CN201310381668.0A patent/CN103428223B/zh active Active
Also Published As
Publication number | Publication date |
---|---|
CN103428223A (zh) | 2013-12-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10735511B2 (en) | Device and related method for dynamic traffic mirroring | |
US9813447B2 (en) | Device and related method for establishing network policy based on applications | |
US9130826B2 (en) | System and related method for network monitoring and control based on applications | |
US9256636B2 (en) | Device and related method for application identification | |
US9584393B2 (en) | Device and related method for dynamic traffic mirroring policy | |
US9230213B2 (en) | Device and related method for scoring applications running on a network | |
JP5029701B2 (ja) | 仮想マシン実行プログラム、ユーザ認証プログラムおよび情報処理装置 | |
JP5532458B2 (ja) | コンピュータシステム、コントローラ、及びネットワーク監視方法 | |
US7376745B2 (en) | Network address generating system, network address generating apparatus and method, program and storage medium | |
EP3499908B1 (en) | A device and method for the determination of applications running on a network | |
CN104322001A (zh) | 使用服务名称识别的传输层安全流量控制 | |
US20090144818A1 (en) | System and method for using variable security tag location in network communications | |
US8130756B2 (en) | Tunnel configuration associated with packet checking in a network | |
CN104601566B (zh) | 认证方法以及装置 | |
TW201407405A (zh) | 在一動態電腦網路中過濾通信之防火牆 | |
CN105763318B (zh) | 一种预共享密钥获取、分配方法及装置 | |
CN101820396A (zh) | 一种报文安全性验证的方法和设备 | |
CN102143088A (zh) | 一种基于ssl vpn的数据转发方法和设备 | |
CN104735050B (zh) | 一种融合mac认证和web认证的认证方法 | |
US8745691B1 (en) | System, method, and computer program product for preventing communication of data over a network connection | |
CN103428223B (zh) | 一种木马行为识别方法与系统 | |
CN106936779A (zh) | 一种数据连接方法、系统及装置 | |
CN103491081B (zh) | 检测dhcp攻击源的方法和装置 | |
CN105101195B (zh) | 网络准入的控制方法及装置 | |
Yamauchi et al. | Detecting HTTP-based botnet based on characteristic of the C & C session using by SVM |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 100094 No. 4, building 8, No. 305, West flourishing road, Haidian District, Beijing Applicant after: BEIJING YONGXIN ZHICHENG TECHNOLOGY CO.,LTD. Address before: 102208, room 530, amber world, No. 85, West Street, Changping District, Beijing, Huilongguan Applicant before: BEIJING YONGXIN ZHICHENG TECHNOLOGY Co.,Ltd. |
|
COR | Change of bibliographic data | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information |
Inventor after: Chen Jun Inventor after: Cai Jingjing Inventor after: Zhang Xuefeng Inventor after: Zhang Heng Inventor before: Chen Jun |
|
CB03 | Change of inventor or designer information | ||
TR01 | Transfer of patent right |
Effective date of registration: 20221118 Address after: 100094 103, building 6, yard 9, FengHao East Road, Haidian District, Beijing Patentee after: BEIJING YONGXIN ZHICHENG TECHNOLOGY CO.,LTD. Patentee after: Beijing Wuyi Jiayu Technology Co.,Ltd. Address before: No. 305, Building 4, Yard 8, Dongbei Wangxi Road, Haidian District, Beijing 100094 Patentee before: BEIJING YONGXIN ZHICHENG TECHNOLOGY CO.,LTD. |
|
TR01 | Transfer of patent right | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100094 103, building 6, yard 9, FengHao East Road, Haidian District, Beijing Patentee after: Yongxin Zhicheng Technology Group Co.,Ltd. Patentee after: Beijing Wuyi Jiayu Technology Co.,Ltd. Address before: 100094 103, building 6, yard 9, FengHao East Road, Haidian District, Beijing Patentee before: BEIJING YONGXIN ZHICHENG TECHNOLOGY CO.,LTD. Patentee before: Beijing Wuyi Jiayu Technology Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder |