CN104579773B - Domain name system analysis method and device - Google Patents
Domain name system analysis method and device
- Publication number
- CN104579773B
- Authority
- CN
- China
- Prior art keywords
- domain name
- record
- access
- classification
- event model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Claims (12)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410855701.3A CN104579773B (zh) | 2014-12-31 | 2014-12-31 | Domain name system analysis method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410855701.3A CN104579773B (zh) | 2014-12-31 | 2014-12-31 | Domain name system analysis method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104579773A (zh) | 2015-04-29 |
CN104579773B (zh) | 2016-08-24 |
Family
ID=53095038
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410855701.3A Active CN104579773B (zh) | 2014-12-31 | 2014-12-31 | Domain name system analysis method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104579773B (zh) |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105491444B (zh) * | 2015-11-25 | 2018-11-06 | 珠海多玩信息技术有限公司 | Data identification processing method and device |
CN105554007B (zh) * | 2015-12-25 | 2019-01-04 | 北京奇虎科技有限公司 | Web anomaly detection method and device |
CN107332804B (zh) * | 2016-04-29 | 2021-01-26 | 阿里巴巴集团控股有限公司 | Method and device for detecting web page vulnerabilities |
CN107547488B (zh) * | 2016-06-29 | 2020-12-15 | 华为技术有限公司 | DNS tunnel detection method and DNS tunnel detection device |
BR112018074592A2 (pt) | 2016-09-23 | 2019-04-09 | Hewlett Packard Development Co | IP address access based on security level and access history |
CN106453320B (zh) * | 2016-10-14 | 2019-06-18 | 北京奇虎科技有限公司 | Method and device for identifying malicious samples |
CN106713335B (zh) * | 2016-12-30 | 2020-10-30 | 山石网科通信技术股份有限公司 | Method and device for identifying malware |
CN108462675A (zh) * | 2017-02-20 | 2018-08-28 | 沪江教育科技(上海)股份有限公司 | Network access identification method and system |
CN108881192B (zh) * | 2018-06-04 | 2021-10-22 | 上海交通大学 | Deep-learning-based encrypted botnet detection system and method |
CN108933846B (zh) * | 2018-06-21 | 2021-08-27 | 北京谷安天下科技有限公司 | Method, device and electronic equipment for identifying wildcard-resolution domain names |
CN109698820A (zh) * | 2018-09-03 | 2019-04-30 | 长安通信科技有限责任公司 | Domain name similarity calculation and classification method and system |
CN111355697B (zh) * | 2018-12-24 | 2022-02-25 | 深信服科技股份有限公司 | Method, device, equipment and storage medium for detecting botnet domain name families |
CN114900330A (zh) * | 2022-04-07 | 2022-08-12 | 京东科技信息技术有限公司 | Page protection method and device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102685145A (zh) * | 2012-05-28 | 2012-09-19 | 西安交通大学 | Botnet domain name discovery method based on DNS packets |
CN102684997A (zh) * | 2012-04-13 | 2012-09-19 | 亿赞普(北京)科技有限公司 | Communication message classification and training method and device |
US8631498B1 (en) * | 2011-12-23 | 2014-01-14 | Symantec Corporation | Techniques for identifying potential malware domain names |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102316166B (zh) * | 2011-09-26 | 2015-07-08 | 中国科学院计算机网络信息中心 | Website recommendation method and system, and network server |
CN103684896B (zh) * | 2012-09-07 | 2017-02-01 | 中国科学院计算机网络信息中心 | Website cheating detection method based on domain name resolution features |
CN102938769A (zh) * | 2012-11-22 | 2013-02-20 | 国家计算机网络与信息安全管理中心 | Domain flux botnet domain name detection method |
CN103647676B (zh) * | 2013-12-30 | 2016-09-14 | 中国科学院计算机网络信息中心 | Domain name system data processing method |
Also Published As
Publication number | Publication date |
---|---|
CN104579773A (zh) | 2015-04-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
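CN104579773B (zh) | Domain name system analysis method and device | |
CN101971591B (zh) | System and method for analyzing web addresses | |
CN110431817A (zh) | Identifying malicious network devices | |
CN106027577B (zh) | Abnormal access behavior detection method and device | |
CN103685575B (zh) | Website security monitoring method based on cloud architecture | |
CN107332848B (zh) | Big-data-based real-time network traffic anomaly monitoring system | |
CN107241296B (zh) | Webshell detection method and device | |
CN105357221A (zh) | Method and device for identifying phishing websites | |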
WO2018208451A1 (en) | Real time detection of cyber threats using behavioral analytics | |
US10404731B2 (en) | Method and device for detecting website attack | |
CN112866023B (zh) | Network detection and model training method, device, equipment and storage medium | |
US10425436B2 (en) | Identifying bulletproof autonomous systems | |
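TW201705034A (zh) | System and method for high-speed threat intelligence management using unsupervised machine learning and prioritization algorithms | |
CN107451476A (zh) | Cloud-platform-based web page backdoor detection method, system, equipment and storage medium | |
CN106992981B (zh) | Website backdoor detection method, device and computing equipment | |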
US20220075872A1 (en) | Method and system for detecting malicious infrastructure | |
CN104202291A (zh) | Anti-phishing method based on a multi-factor comprehensive evaluation method | |
US20190260711A1 (en) | Systems and methods for implementing a privacy firewall | |
CN107733902A (zh) | Method and device for monitoring the diffusion process of target data | |
Sujatha | Improved user navigation pattern prediction technique from web log data | |
Pretorius et al. | Attributing users based on web browser history | |
CN116996286A (zh) | Network attack and security vulnerability governance framework platform based on big data analysis | |
Harbola et al. | Improved intrusion detection in DDoS applying feature selection using rank & score of attributes in KDD-99 data set | |
CN110572402A (zh) | Internet hosted website detection method, system and readable storage medium based on network access behavior analysis | |
US20210160280A1 (en) | System and method for digitally fingerprinting phishing actors |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C41 | Transfer of patent application or patent right or utility model | ||
TR01 | Transfer of patent right |
Effective date of registration: 20161129 Address after: 100088 Jiuxianqiao Chaoyang District Beijing Road No. 10, building 15, floor 17, layer 1701-26, 3 Patentee after: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
CP03 | Change of name, title or address | ||
Address after: No. 32, Building 3, 102, 28 Xinjiekouwai Street, Xicheng District, Beijing Patentee after: Qianxin Technology Group Co.,Ltd. Address before: Beijing Chaoyang District Jiuxianqiao Road 10, building 15, floor 17, layer 1701-26, 3 Patentee before: BEIJING QIANXIN TECHNOLOGY Co.,Ltd. |
TR01 | Transfer of patent right | ||
Effective date of registration: 20201229 Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee after: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Patentee after: Qianxin Technology Group Co.,Ltd. Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee before: Qianxin Technology Group Co.,Ltd. |
CP01 | Change in the name or title of a patent holder | ||
Address after: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Patentee after: Qianxin Technology Group Co.,Ltd. Address before: 100044 2nd floor, building 1, yard 26, Xizhimenwai South Road, Xicheng District, Beijing Patentee before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. Patentee before: Qianxin Technology Group Co.,Ltd. |